exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

Files

Windscribe 1.83 Unquoted Service Path
Posted Jun 28, 2020
Authored by Ethan Seow

Windscribe version 1.83 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | c948a488ce14322508f062343002d507

Related Files

Windscribe 1.83 Build 20 Unquoted Service Path
Posted Apr 10, 2020
Authored by MgThuraMoeMyint

Windscribe version 1.83 Build 20 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | c6d195ca6e0f24d70f2ab04fbf041bc9
Windscribe WindscribeService Named Pipe Privilege Escalation
Posted Feb 5, 2020
Authored by Brendan Coles, Emin Ghuliev | Site metasploit.com

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \\.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions 1.80 and 1.81 on Windows 7 SP1 (x64).

tags | exploit, arbitrary
systems | windows, 7
advisories | CVE-2018-11479
MD5 | cd70d8abe7ef8543a1dba71630a3f379
Windscribe 1.81 Code Execution
Posted May 25, 2018
Authored by Emin Ghuliev

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe.

tags | exploit
MD5 | a6c5e9643876d42b920d727040388409
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close