Pegasus X DLL hijacking

Pegasus X DLL hijacking
2023-9-22 00:4:15 Author: cxsecurity.com(查看原文) 阅读量:6 收藏

#include <windows.h> // Define the window class WNDCLASSEX wcex; wcex.cbSize = sizeof(WNDCLASSEX); wcex.style = CS_HREDRAW | CS_VREDRAW; wcex.lpfnWndProc = DefWindowProc; wcex.cbClsExtra = 0; wcex.cbWndExtra = 0; wcex.hInstance = GetModuleHandle(NULL); wcex.hIcon = LoadIcon(NULL, IDI_APPLICATION); wcex.hCursor = LoadCursor(NULL, IDC_ARROW); wcex.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1); wcex.lpszMenuName = NULL; wcex.lpszClassName = "CVE-2023-41064"; // Register the window class RegisterClassEx(&wcex); // Create the window HWND hwnd = CreateWindow("CVE-2023-41064", "CVE-2023-41064", WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, 0, CW_USEDEFAULT, 0, NULL, NULL, GetModuleHandle(NULL), NULL); // Show the window ShowWindow(hwnd, SW_SHOW); // Update the window UpdateWindow(hwnd); // Message loop MSG msg; while (GetMessage(&msg, NULL, 0, 0)) { TranslateMessage(&msg); DispatchMessage(&msg); }

References:

https://github.com/apt0factury/CVE-2023-41064/blob/main/Pegasus%20X%20DLL%20hijacking

Thanks for you comment!
Your message is in quarantine 48 hours.

{{ x.nick }}

Date:

{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

文章来源: https://cxsecurity.com/issue/WLB-2023090073
如有侵权请联系:admin#unsafe.sh

References:

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.