bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/local/36062.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

49 lines
No EOL
1.6 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Realtek 11n Wireless LAN utility privilege escalation.
Vulnerability Discovered by Humberto Cabrera @dniz0r
http://zeroscience.mk @zeroscience
Summary:
Realtek 11n Wireless LAN utility is deployed and used by realtek
alfa cards and more in order to help diagnose and view wireless card
properties.
Description:
- Unquoted Privilege escalation that allows a user to gain SYSTEM
privileges.
Date - 12 Feb 2015
Version: 700.1631.106.2011
Vendor: www.realtek.com.tw
Advisory URL:
https://eaty0face.wordpress.com/2015/02/13/realtek-11n-wireless-lan-utility-privilege-escalation/
Tested on: Win7
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: realtek11ncu
TYPE : 110 WIN32_OWN_PROCESS (interactive)
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\REALTEK\11n USB Wireless LAN
Utility\RtlService.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Realtek11nCU
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
C:\Windows\system32>sc qc realtek11nsu
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: realtek11nsu
TYPE : 110 WIN32_OWN_PROCESS (interactive)
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\REALTEK\Wireless LAN
Utility\RtlService.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Realtek11nSU
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
Reference in a new issue View git blame Copy permalink