Gom Player 2.3.92.5362 DLL Hijacking
2024-1-14 22:7:29 Author: cxsecurity.com(查看原文) 阅读量:9 收藏

# Exploit Title: Gom Player 2.3.92.5362 - nvcuda.dll DLL Hijacking # Date: 2023-01-03 # Exploit Author: Yehia Elghaly (Mrvar0x) # Vendor Homepage: https://www.mrvar0x.com/ # Version: 2.3.92.5362 # Tested on: Windows 7, Windows 10 A DLL hijacking vulnerability has been discovered Gom Player 2.3.92.5362. When a user loads the application it will try to load nvcuda.dll missing DLL from the same directory. Using a crafted DLL from MSFVENOM, it is possible to execute arbitrary code in the context of the current logged in user. Gom Player 2.3.92.5362 can also load any malicious DLL with any given name from any directory wihtout proper checking the loaded DLL for example. Open Gom Player -- Settings -- Filter/Codec -- Render Filter -- Advanced rendering method -- Add- Browse -- Then loaded lol.dll which is generated by MSFVENOM and it will execute a reverse shell



 

Thanks for you comment!
Your message is in quarantine 48 hours.


文章来源: https://cxsecurity.com/issue/WLB-2024010053
如有侵权请联系:admin#unsafe.sh