268efc5072
3 changes to exploits/shellcodes HTTPDebuggerPro 9.11 - Unquoted Service Path CMSimple 5.4 - Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)
18 lines
No EOL
701 B
Text
18 lines
No EOL
701 B
Text
# Exploit Title: HTTPDebuggerPro 9.11 - Unquoted Service Path
|
|
# Exploit Author: Aryan Chehreghani
|
|
# Date: 23/11/2021
|
|
# Vendor Homepage: https://www.httpdebugger.com
|
|
# Software Link: https://www.httpdebugger.com/download.html
|
|
# Version: 9.11
|
|
# Tested on: Windows 10 x64
|
|
|
|
SERVICE_NAME: HTTPDebuggerPro
|
|
TYPE : 10 WIN32_OWN_PROCESS
|
|
START_TYPE : 2 AUTO_START
|
|
ERROR_CONTROL : 1 NORMAL
|
|
BINARY_PATH_NAME : "C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerSvc.exe"
|
|
LOAD_ORDER_GROUP :
|
|
TAG : 0
|
|
DISPLAY_NAME : HTTP Debugger Pro
|
|
DEPENDENCIES :
|
|
SERVICE_START_NAME : LocalSystem |