Alrighty Let’s get streight too it. I do like me a Lenovo ThinkPad I’ve had a few X201,W520,E530 and now the powerhouse that is my x230, So I was reading a blogpost on DLL Hijacking (this one – Thank you HD) and I thought I’d run it against my box while me and Woody where beating some shit up… as you do.
so following the guide the output showed me that the QCtray.exe was vulnerable via 2 DLL Injection Candidates – we’ll pick on the .loc file type
So here is a video on how to exploit it and prove that it’s vulnerable! Usually I’d use my mac but this time I rattled it out on my Kali box (lenovo hah) Sorry that the audio has fannied out on me – if you have any questions … drop me a line Enjoy.
When you follow the guide as mentioned above you will need to install ruby and have admin rights on the box your playing with, the scripts will load up all registered filetypes and monitor the behavior to see if they are being cheeky… and if they are it will rat them out so you can do cool stuff. – Great for build reviews right ?
And again with Armitage
Just for clarity I have called lenovo and explained I needed to speak to someone about this, the initial response was effectively ‘we don’t know how to find someone for you’ after some pushing and scare mongering they suggested I send them an email for them to escalate internally, I did… three weeks ago… and nothing, so consider this blog post a gentle nudge.