-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

==========================================================================
==========================================================================
 Microsoft Color Control Panel (colorcpl.exe) dll hijacking
 
 Author: shinnai
 mail: shinnai[at]autistici[dot]org
 site: http://www.shinnai.altervista.org/

 This was written for educational purpose. Use it at your own risk.
 Author will be not responsible for any damage.

 Tested on:
 Windows Server 2008 Enterprise Edition full patched
==========================================================================
==========================================================================
 DESCRIPTION: c:\
 Just a classic dll injection. Put the file and the dll into same folder.
==========================================================================
==========================================================================
 INFO:
 Prg.:	colorcpl.exe
 Ver.:	6.0.6000.16386
 Ext.:	camp
	cdmp
	gmmp
	icc
	icm

 dll:	sti.dll
==========================================================================
==========================================================================
 NOTE:
 I don't know why but the colorcpl.exe on Windows 7 Professional has
 these details:

 Ver.: 6.1.7600.16385

 and is NOT vulnerable to dll hijacking
==========================================================================
==========================================================================

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)

iQIcBAEBAgAGBQJMtx60AAoJELleC2c7YdP1EroQAMOloEcf7n/t5XeY3kEk0VzQ
v56BiCG26IpvrCLqyvj0SmvhS/iTkG4z0H6uIvp8dQQFnd8Ajt408mirhzYIHsWa
ZvSeczZR0PYhOQZspEBlQh0rr6gI0wPOvMCLfV3s0zxB6sCqocwkMPTp4uzyFlwx
Bvy7Ql17PMvASTzq5XsA6+29ajZJuRhUO+d9BIX6N14ZgJ9YVo71BVUPH2eH8siX
R3MkYdKCDulc1tauQbcDMzGCUlwDPSieEVXpL36OpGna6zO6nDizvfQqwThaEu9n
QRpEajyKGPv2gOIjZwBWnCK1HSSj9jkP8/uu8MsUCnkUYjaNPZVESAOtZAwCJYTO
gTQl4VoBQ4ttRLWdQ1x06qcwtQYsAkoZB2chp5o80nw05PYQbAjfTS4GK71LDzep
1mwnuztqLMyqXJ35nChPuk68EnFK26RkFYiuBuCXp/kq8BKiKqhfUfYQqqUzyNyY
+adLTSDt12b8YLDJtwvrxn2NmqPze65zAt/eJacKMLVguGroxUY6hf1whTCef9IZ
ASYVQp3tOT1fVYllcnzTqQxEZkrKFLL7oXW5ZT2QlXJ+qLHqE4oOu7exvTL8uBBg
OVBPB++xeX1ebhB/zdaTLZ3kBkiSP/zTk25itjTb8615g62gJeiPvM8FL8iwqLs4
E442JWWMysJAq+1Sb6QX
=T1SE
-----END PGP SIGNATURE-----