exploit-db-mirror/exploits/windows/local/47642.txt

# Exploit Title: RTK IIS Codec Service 6.4.10041.133 - 'RtkI2SCodec' Unquote Service Path
# Google Dork: N/A
# Date: 2019-11-11
# Exploit Author: chuyreds
# Vendor Homepage:https://www.realtek.com/en/
# Software Link: https://support.hp.com/mx-es/drivers/selfservice/hp-spectre-13-4000-x360-convertible-pc/7527520/model/7835502?sku=K8N38LA
# Version: 6.4.10041.133 
# Tested on: Windows 10 Home Single Language
# CVE : N/A

# Explot-Realtek.txt

#Service Info:

C:\Users\user>wmic service get name, displayname, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" | findstr /i /v """
RTK IIS Codec Service	RtkI2SCodec	C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe	Auto

C:\Users\user>sc query RtkI2SCodec

NOMBRE_SERVICIO: RtkI2SCodec
        TIPO               : 10  WIN32_OWN_PROCESS
        ESTADO             : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        CÓD_SALIDA_WIN32   : 0  (0x0)
        CÓD_SALIDA_SERVICIO: 0  (0x0)
        PUNTO_COMPROB.     : 0x0
        INDICACIÓN_INICIO  : 0x0