Viscosity 1.6.7 – Local Privilege Escalation

• Exploit Database
• 30 阅读

• 作者： Kacper Szurek
  日期： 2017-01-31
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/41207/

• # Exploit Title: Viscosity for Windows 1.6.7 Privilege Escalation
  # Date: 31.01.2017
  # Software Link: https://www.sparklabs.com/
  # Exploit Author: Kacper Szurek
  # Contact: https://twitter.com/KacperSzurek
  # Website: https://security.szurek.pl/
  # Category: local
   
  1. Description
  
  It is possible to execute openvpn with custom dll as SYSTEM using ViscosityService because path is not correctly validated. 
  
  https://security.szurek.pl/viscosity-for-windows-167-privilege-escalation.html
  
  2. Proof of Concept
  
  https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41207.zip
  
  3. Solution
  
  Update to version 1.6.8
  
  https://www.sparklabs.com/blog/viscosity-for-mac-windows-version-1-6-8/