=====================================================
# Sublime Text Editor 3 - DLL Hijacking
=====================================================
# Vendor Homepage: https://www.sublimetext.com/
# Date: 20 Oct 2016
# Software Link : https://download.sublimetext.com/Sublime Text Build 3126 Setup.exe
# Version : Build 3126
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Description:
Sublime Text is a sophisticated text editor for code, markup and prose.

# Vulnerable DLLs:
SspiCli.dll
DNSAPI.dll
urlmon.dll
iertutil.dll
dbghelp.dll
dbgcore.DLL
bcryptPrimitives.dll
dwrite.dll
CRYPTBASE.dll

# PoC:
1. Create a malicious DLL file (with a vulnerable DLL name) and save it in the "C:\Program Files\Sublime Text 3" directory.
2. Execute "sublime_text.exe" from the "C:\Program Files\Sublime Text 3" directory.
3. The malicious DLL file gets executed.
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================
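
A defender-side check for the condition the PoC describes, as an added example that is not part of the original advisory: it lists files in an install directory whose names match the advisory's DLL list (Windows system libraries that normally load from System32), hashes them, and tests whether the current user can create files in that directory. The function names and the constructed demo directory are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# DLL names taken from the advisory. They are Windows system libraries, so a
# copy sitting beside sublime_text.exe is unexpected and worth reviewing.
ADVISORY_DLLS = [
    "SspiCli.dll", "DNSAPI.dll", "urlmon.dll", "iertutil.dll", "dbghelp.dll",
    "dbgcore.DLL", "bcryptPrimitives.dll", "dwrite.dll", "CRYPTBASE.dll",
]

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_app_dir(app_dir, names=ADVISORY_DLLS):
    """Return one finding per file in app_dir whose name matches a listed DLL."""
    wanted = {n.lower() for n in names}  # Windows file names are case-insensitive
    with os.scandir(app_dir) as it:
        entries = sorted(it, key=lambda e: e.name.lower())
    findings = []
    for entry in entries:
        if entry.is_file() and entry.name.lower() in wanted:
            findings.append({"name": entry.name, "path": entry.path,
                             "sha256": sha256_of(entry.path)})
    return findings

def dir_writable_by_current_user(app_dir):
    # Try a real file create; os.access() does not reflect Windows ACLs reliably.
    try:
        fd, probe = tempfile.mkstemp(dir=app_dir)
    except OSError:
        return False
    os.close(fd)
    os.remove(probe)
    return True

if __name__ == "__main__":
    # Constructed sample directory standing in for the install directory.
    with tempfile.TemporaryDirectory() as d:
        for name in ("cryptbase.dll", "DWrite.dll", "sublime_text.exe"):
            with open(os.path.join(d, name), "wb") as f:
                f.write(b"constructed")
        for hit in audit_app_dir(d):
            print(hit["name"], hit["sha256"])
        print("writable by current user:", dir_writable_by_current_user(d))
```

A hit is a lead rather than proof of tampering: compare its hash and signature with the copy in System32 before acting on it.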