ESTsoft ALTools Updater Insecure File Permissions Privilege Escalation
Posted on 30 November -0001
<HTML><HEAD><TITLE>ESTsoft ALTools Updater Insecure File Permissions Privilege Escalation</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># Exploit Title: ESTsoft ALTools Updater Insecure File Permissions Privilege Escalation # Date: 26/09/2016 # Exploit Author: zaeek@protonmail.com # Vendor Homepage: http://www.estsoft.com/ # Version: 10.4.26.1 # Tested on: Windows 7 32/64bit ====Description==== ESTsoft ALTools Updater for Windows lacks of proper file permissions, creating a vector for privilege escalation attack. To properly exploit this vulnerability, the local attacker must overwrite the vulnerable file(s) with his malicious ones, as he has full Read/Write rights to the given file. ====Proof-of-Concept==== C:Program FilesESTsoftALUpdate>icacls ALUpdate.exe ALUpdate.exe BUILTINUsers:(I)(F) NT AUTHORITYSYSTEM:(I)(F) BUILTINAdministrators:(I)(F) Successfully processed 1 files; Failed processing 0 files </BODY></HTML>
