File Santizer For HP ProtectTools 5.0.1.3 Unquoted Service Path

File Sanitizer for HP ProtectTools version 5.0.1.3 suffers from an unquoted service path vulnerability.


MD5 | 8ce6b10450a1d248fc6df2fe1a7d5f30

#Exploit Title:  File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2022-02-14
#Vendor : Hewlett-Packard(HP)
#Version : File Sanitizer for HP ProtectTools 5.0.1.3
#Vendor Homepage : http://www.hp.com
#Tested on OS: Windows 7 Pro

#Analyze PoC :
==============

C:\>sc qc HPFSService
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: HPFSService
TIPO : 10 WIN32_OWN_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Hewlett-Packard\File
Sanitizer\HPFSService.exe
GRUPO_ORDEN_CARGA : File System
ETIQUETA : 0
NOMBRE_MOSTRAR : File Sanitizer for HP ProtectTools
DEPENDENCIAS :
NOMBRE_INICIO_SERVICIO: LocalSystem


Related Posts