Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    863103362

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
# Exploit Title: Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path
# Exploit Author: Manthan Chhabra (netsectuna), Harshit (fumenoid)
# Version: 2020.2.20328.2050
# Date: 02/04/2022
# Vendor Homepage: http://gimmal.com/
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 10
# CVE: CVE-2022-23909


# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode | findstr /i
"sherpa" | findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v
"""

Sherpa Connector Service
         Sherpa Connector Service                                C:\Program
Files\Sherpa Software\Sherpa Connector\SherpaConnectorService.exe
                                 Auto

C:\>sc qc "Sherpa Connector Service"

[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: Sherpa Connector Service
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\Sherpa Software\Sherpa
Connector\SherpaConnectorService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Sherpa Connector Service
        DEPENDENCIES       : wmiApSrv
        SERVICE_START_NAME : LocalSystem