Zapya Desktop 1.803 Privilege Escalation

`# Exploit Title: Zapya Desktop Version ('ZapyaService.exe') Privilege Escalation   
# Date: 2016/9/12  
# Exploit Author: Arash Khazaei  
# Vendor Homepage: http://www.izapya.com/  
# Software Link: http://binaries.izapya.com/Izapya/Windows_PC/ZapyaSetup_1803_en.exe  
# Version: 1.803 (Latest)  
# Tested on: Windows 7 Professional X86 - Windows 10 Pro X64  
# CVE : N/A  
  
======================  
# Description :  
# Zapya is a 100% free tool for sharing files across devices like Android, iPhone, iPad, Windows Phone, PC, and Mac computers in an instant.   
# Its Easy to use and supports multiple languages. We are already a community of 300 million strong users and growing rapidly.  
# When You Install Zapya Desktop , Zapya Will Install A Service Named ZapyaService.exe And It's Placed In Zapya Installation Directory .  
# If We Replace The ZapyaService.exe File With A Malicious Executable File It Will Execute As NT/SYSTEM User Privilege.  
======================  
  
# Proof Of Concept :  
# 1- Install Zapya Desktop .   
# 2- Generate A Meterpreter Executable Payload .  
# 3- Stop Service And Replace It With ZapyaService.exe With Exact Name.  
# 4- Listen Handler For Connection And Start Service Again or Open Zapya Desktop , Application Will Attempt To Start Service   
# 5- After Starting Service We Have Reverse Meterpreter Shell With NT/SYSTEM Privilege.  
  
==================  
# Discovered By Arash Khazaei  
==================  
`