Authored by Yehia Elghaly

Gom Player version suffers from a dll hijacking vulnerability.

# Exploit Title: Gom Player - nvcuda.dll DLL Hijacking
# Date: 2023-01-03
# Exploit Author: Yehia Elghaly (Mrvar0x)
# Vendor Homepage:
# Version:
# Tested on: Windows 7, Windows 10

A DLL hijacking vulnerability has been discovered Gom Player When a user loads the application it will try to load nvcuda.dll missing DLL from the same directory. Using a crafted DLL from MSFVENOM, it is possible to execute arbitrary code in the context of the current logged in user.

Gom Player can also load any malicious DLL with any given name from any directory wihtout proper checking the loaded DLL for example. Open Gom Player -- Settings -- Filter/Codec -- Render Filter -- Advanced rendering method -- Add- Browse -- Then loaded lol.dll which is generated by MSFVENOM and it will execute a reverse shell