Description
Sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
{"lastseen": "2020-04-01T19:04:47", "references": [], "description": "\nSheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation", "edition": 1, "reporter": "Amir.ght", "exploitpack": {"type": "local", "platform": "windows"}, "published": "2016-10-11T00:00:00", "title": "Sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": 1.0, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 1.0}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2016-10-11T00:00:00", "id": "EXPLOITPACK:4C7E040097E8DB258AD0F444EEF98011", "href": "", "viewCount": 3, "sourceData": "#########################################################################\n# Exploit Title: sheed AntiVirus Unquoted Service Path Privilege Escalation\n# Date: 11/10/2016\n# Author: Amir.ght\n# Vendor Homepage: http://sheedantivirus.ir/\n# Software Link:http://dl.sheedantivirus.ir/setup.exe\n#version : 2.3 (Latest)\n# Tested on: Windows 7\n##########################################################################\n\nsheed AntiVirus installs a service with an unquoted service path\nTo properly exploit this vulnerability,\nthe local attacker must insert an executable file in the path of the service.\nUpon service restart or system reboot, the malicious code will be run\nwith elevated privileges.\n-------------------------------------------\nC:\\>sc qc ShavProt\n[SC] QueryServiceConfig SUCCESS\n\nSERVICE_NAME: ShavProt\n TYPE : 110 WIN32_OWN_PROCESS (interactive)\n START_TYPE : 2 AUTO_START\n ERROR_CONTROL : 0 IGNORE\n BINARY_PATH_NAME : C:\\Program Files\\Sheed AntiVirus\\shgrprot.exe\n LOAD_ORDER_GROUP :\n TAG : 0\n DISPLAY_NAME : ShavProt\n DEPENDENCIES :\n SERVICE_START_NAME : LocalSystem", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645542857, "score": 1659814272}, "_internal": {"score_hash": "c5445e09db5cb42cac41deac50e2393a"}}
{}
Sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation