Hi-Rez Studios 5.1.6.3 – ‘HiPatchService’ Unquoted Service Path

• Exploit Database
• 114 阅读

• 作者： Ekrem Can Kök
  日期： 2021-03-23
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/49701/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33

  # Exploit Title: Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path # Dicovery by: Ekrem Can Kök # Discovery Date: 2021-03-22 # Vendor Homepage: https://www.hirezstudios.com # Version: 5.1.6.3 # Tested on: Windows 10 Pro x64   # Step to discover Unquoted Service Path:   C:\>wmic service get name, pathname, displayname, startmode | findstr /i "Auto" | findstr /i /v "C:\" | findstr /i "HiPatchService" | findstr /i /v """   Hi-Rez Studios Authenticate and Update Service HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe Auto   # Service info:   C:\>sc qc "HiPatchService" [SC] QueryServiceConfig SUCCESS   SERVICE_NAME: HiPatchService TYPE : 10WIN32_OWN_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL: 0 IGNORE BINARY_PATH_NAME : C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe LOAD_ORDER_GROUP : TAG: 0 DISPLAY_NAME : Hi-Rez Studios Authenticate and Update Service DEPENDENCIES : SERVICE_START_NAME : LocalSystem   # Exploit:   This vulnerability could permit executing code during startup or reboot with the escalated privileges.