μTorrent (uTorrent) 2.0.3 - DLL Hijacking

Author: Dr_IDE
type: local
platform: windows
port: 
date_added: 2010-08-25  
date_updated: 2018-03-09  
verified: 1  
codes: CVE-2010-3129  
tags:   
aliases: Dr_IDE.bind.dll.tar.gz  
screenshot_url:   
application_url: http://www.exploit-db.comutorrent.exe  

raw file: 14748.txt  

###########################################################################
#
# Title: 	uTorrent <=2.0.3 Dll Hijacking Local Exploits
# By:		Dr_IDE
# Tested:	Windows 7RC
# Note:		These are additional DLL's with unsafe Load Paths
# Reference:	http://www.exploit-db.com/exploits/14726/
#
############################################################################

If the payload .DLL file is renamed to any of these files and placed in the
utorrent.exe directory, the payload will be executed with users' credentials.

	-userenv.dll

	-shfolder.dll

	-dnsapi.dll

	-dwmapi.dll

	-iphlpapi.dll

	-dhcpcsvc.dll

	-dhcpcsvc6.dll

	-rpcrtremote.dll

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14748.tar.gz (Dr_IDE.bind.dll.tar.gz)

#[pocoftheday.blogspot.com]