Macpaw encrypto 1.0.1 encrypto service unquoted service path Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-03-22 |
Type : local |
Platform : windows
This exploit / vulnerability Macpaw encrypto 1.0.1 encrypto service unquoted service path is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path
# Discovery by: Ismael Nava
# Discovery Date: 03-19-2020
# Vendor Homepage: https://macpaw.com/encrypto
# Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092
# Tested Version: 1.0.1
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 64 bits
# Step to discover Unquoted Service Path:
C:\>wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """
Encrypto Service Encrypto.Service C:\Program Files\Encrypto\Encrypto.Service.exe Auto