By default, Google Chrome tries to load cryptbase.dll from
C:\Program Files\Google\Chrome\Application\, but the DLL is not part of the installation.
Chrome fails with a DLL Not Found error.
If we copy any malicious DLL, renamed to cryptbase.dll, into C:\Program Files\Google\Chrome\Application\,
Chrome will load and execute that DLL, which is controlled by the malicious user.
The source code which I used for building the DLL is at
http://blog.disects.com/2014/08/dll-injection-executing-and-testing-dlls.html
Tested on
Chrome 39.0.2171.95m (latest is also vulnerable)
Windows 7 Ultimate N SP1
Reported to Google, but they didn't consider it, stating that it is a local exploit.
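
A defender can check for this condition by looking for DLLs in the application directory whose names also exist in System32, where the genuine cryptbase.dll lives. The following PowerShell is an added example, not code from this post or from Google; the function name and parameters are hypothetical, and the default path is the one given above.

```powershell
# Added example: list DLLs in an application directory that share a name
# with a DLL in System32. Function and parameter names are hypothetical.
function Find-ShadowedSystemDll {
    [CmdletBinding()]
    param(
        [string]$AppDir    = 'C:\Program Files\Google\Chrome\Application',
        [string]$SystemDir = (Join-Path $env:SystemRoot 'System32')
    )

    # PowerShell hashtables are case-insensitive, matching Windows file names.
    $systemNames = @{}
    Get-ChildItem -LiteralPath $SystemDir -Filter '*.dll' -File -ErrorAction SilentlyContinue |
        ForEach-Object { $systemNames[$_.Name] = $true }

    # Only the top level is checked: the directory holding the executable is
    # searched before System32 for DLLs that are not on the KnownDLLs list.
    Get-ChildItem -LiteralPath $AppDir -Filter '*.dll' -File -ErrorAction SilentlyContinue |
        Where-Object { $systemNames.ContainsKey($_.Name) } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            [pscustomobject]@{
                Path            = $_.FullName
                SignatureStatus = $sig.Status
                Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
                SHA256          = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                LastWriteTime   = $_.LastWriteTime
            }
        }
}

# Any result (for example a cryptbase.dll here) deserves review:
# check the signer, the hash and the write time against the install date.
Find-ShadowedSystemDll | Format-List
```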