-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================================
==========================================================================
Microsoft Color Control Panel (colorcpl.exe) dll hijacking
Author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://www.shinnai.altervista.org/
This was written for educational purposes. Use it at your own risk.
The author will not be responsible for any damage.
Tested on:
Windows Server 2008 Enterprise Edition fully patched
==========================================================================
==========================================================================
DESCRIPTION: c:\
Just a classic dll injection. Put the file and the dll into the same folder.
==========================================================================
==========================================================================
INFO:
Prg.: colorcpl.exe
Ver.: 6.0.6000.16386
Ext.: camp, cdmp, gmmp, icc, icm
dll: sti.dll
==========================================================================
==========================================================================
NOTE:
I don't know why but the colorcpl.exe on Windows 7 Professional has
these details:
Ver.: 6.1.7600.16385
and is NOT vulnerable to dll hijacking
==========================================================================
==========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
-----END PGP SIGNATURE-----
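
A defensive check built from the INFO section above, added here as an example and not part of the original advisory: it walks a directory tree and reports folders where a file named sti.dll sits beside a file with one of the listed extensions. The function names, the trusted_dirs parameter and the sample tree are assumptions made for illustration.

```python
import os
import tempfile

# Values taken from the advisory's INFO section.
PROFILE_EXTS = {".camp", ".cdmp", ".gmmp", ".icc", ".icm"}
HIJACK_DLL = "sti.dll"


def find_planted_dll(root, trusted_dirs=()):
    """Return sorted (directory, dll_path, [profile files]) findings.

    A finding is a directory holding both a file named sti.dll and at
    least one file with an extension handled by colorcpl.exe.
    trusted_dirs (assumption: e.g. the system directory) are skipped.
    """
    trusted = {os.path.normcase(os.path.abspath(d)) for d in trusted_dirs}
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if os.path.normcase(os.path.abspath(dirpath)) in trusted:
            continue
        dll = [f for f in filenames if f.lower() == HIJACK_DLL]
        profiles = sorted(
            f for f in filenames
            if os.path.splitext(f)[1].lower() in PROFILE_EXTS
        )
        if dll and profiles:
            findings.append((dirpath, os.path.join(dirpath, dll[0]), profiles))
    return sorted(findings)


def build_sample_tree(base):
    """Constructed sample data: one suspicious folder, two benign ones."""
    layout = {
        "share/designs": ["logo.icc", "STI.DLL"],  # profile + DLL together
        "share/profiles": ["monitor.icm"],          # profile only
        "share/bin": ["sti.dll", "readme.txt"],     # DLL only
    }
    for rel, names in layout.items():
        d = os.path.join(base, *rel.split("/"))
        os.makedirs(d)
        for n in names:
            open(os.path.join(d, n), "wb").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, dll, profiles in find_planted_dll(tmp):
            print(f"review: {dll} next to {profiles}")
```

A hit is a lead for review, not a verdict: the file's signature and origin still need to be checked.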