Hubstaff 1.6.1461e5e22e wow64log dll search order hijacking Vulnerability / Exploit
Vulnerability discovered: 2023-05-23 | Type: local | Platform: windows
This exploit / vulnerability (Hubstaff 1.6.1461e5e22e wow64log dll search order hijacking) is for educational purposes only; if you use it, you do so at your own risk!
*Description*
Hubstaff is an employee work tracker with screenshots, timesheets, billing,
in-depth reports, and more.
During testing, it was found that the system32 subdirectory was missing a
DLL named *wow64log.dll* that Hubstaff's setup file required during
installation. Using Metasploit's msfvenom to create a new wow64log.dll
file, the tester was able to get a reverse shell locally.
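
A defender-side check for the condition described above, as an added example that is not part of the original advisory: it reports whether a wow64log.dll is present in the native System32 directory and, if so, its signature, hash, owner and timestamps. The function name Get-Wow64LogStatus is hypothetical, and the check assumes no legitimate wow64log.dll is expected on the host.

```powershell
# Added defensive example; not code from the advisory or from Hubstaff.
# Assumption: no legitimate wow64log.dll is expected in System32 on this host,
# so any copy found there is worth triage.

function Get-Wow64LogStatus {
    [CmdletBinding()]
    param(
        [string]$DllName = 'wow64log.dll'
    )

    # A 32-bit PowerShell on 64-bit Windows has System32 redirected to SysWOW64.
    # The Sysnative alias reaches the real 64-bit directory in that case.
    $is32On64 = [Environment]::Is64BitOperatingSystem -and
                -not [Environment]::Is64BitProcess
    $sysDir = if ($is32On64) { Join-Path $env:windir 'Sysnative' }
              else           { Join-Path $env:windir 'System32' }
    $path = Join-Path $sysDir $DllName

    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        return [pscustomobject]@{
            Path    = $path
            Present = $false
            Verdict = 'OK: file absent'
        }
    }

    # File exists: collect what an analyst needs to judge where it came from.
    $item = Get-Item -LiteralPath $path -Force
    $sig  = Get-AuthenticodeSignature -LiteralPath $path
    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash

    # A valid signature only proves the file is signed, not by whom; keep the signer.
    $verdict = if ($sig.Status -eq 'Valid') { 'REVIEW: present, validly signed' }
               else { 'ALERT: present, not validly signed' }

    [pscustomobject]@{
        Path            = $path
        Present         = $true
        SignatureStatus = $sig.Status
        Signer          = $sig.SignerCertificate.Subject
        SHA256          = $hash
        Owner           = (Get-Acl -LiteralPath $path).Owner
        CreatedUtc      = $item.CreationTimeUtc
        ModifiedUtc     = $item.LastWriteTimeUtc
        Verdict         = $verdict
    }
}

Get-Wow64LogStatus | Format-List
```

Run it before and after installing software; a file that appears between the two runs, or an ALERT verdict, points to the hijack condition this advisory describes.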
*Exploit*
1- Generate a DLL file named wow64log.dll using the command: