uTorrent DLL Hijacking Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : uTorrent DLL Hijacking Vulnerabilities
# Published : 2010-08-25
# Author : Dr_IDE
# Previous Title : Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)
# Next Title : TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)

###########################################################################
#
# Title: 	uTorrent <=2.0.3 Dll Hijacking Local Exploits
# By:		Dr_IDE
# Tested:	Windows 7RC
# Note:		These are additional DLL's with unsafe Load Paths
# Reference:	http://www.exploit-db.com/exploits/14726/
#
############################################################################

If the payload .DLL file is renamed to any of these files and placed in the 
utorrent.exe directory, the payload will be executed with users' credentials.

	-userenv.dll

	-shfolder.dll
	
	-dnsapi.dll

	-dwmapi.dll

	-iphlpapi.dll

	-dhcpcsvc.dll

	-dhcpcsvc6.dll

	-rpcrtremote.dll

http://www.exploit-db.com/sploits/Dr_IDE.bind.dll.tar.gz

#[pocoftheday.blogspot.com]