Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    863573073

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
# Exploit Title: Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths
# Date: 2020-11-6
# Exploit Author: Mohammed Alshehri
# Vendor Homepage: https://www.vembu.com/
# Software Link: https://sg-build-release.s3.amazonaws.com/BDRSuite/V420/4202020051312/Vembu_BDR_Backup_Server_Setup_4_2_0_1_U1_GA.exe
# Version: Version 4.2.0.1 U1
# Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763


# Service info:
C:\Users\m507>sc qc "hsflowd"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: hsflowd
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\Vembu\VembuBDR\..\VembuBDR360Agent\bin\hsflowd.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Host_sFlow_Agent
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users\m507>sc qc "VembuBDR360Agent"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: VembuBDR360Agent
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\Vembu\VembuBDR\..\VembuBDR360Agent\bin\VembuBDR360Agent.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : VembuBDR360Agent
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users\m507>sc qc "VembuOffice365Agent"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: VembuOffice365Agent
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\Vembu\VembuBDR\..\VembuOffice365Agent\bin\VembuOffice365Agent.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : VembuOffice365Agent
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users\m507>


# Exploit:
This vulnerability could permit executing code during startup or reboot with the escalated privileges.