Search for hundreds of thousands of exploits

"HomeGuard Pro 9.3.1 - Insecure Folder Permissions"

Author

Exploit author

boku

Platform

Exploit platform

windows

Release date

Exploit published date

2020-02-14

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions
# Exploit Author: boku
# Date: 2020-02-13
# Vendor Homepage: https://veridium.net
# Software Link: https://veridium.net/files_u/hg-pro/exe/HomeGuardPro-Setup.exe
# Version 9.3.1
# Tested On: Windows 10 (32-bit)

# HomeGuard Pro v9.3.1 - Unquoted Service Path + Insecure Folder/File/Service Permissions

## Service Information (Unquoted Service Path)
C:\>wmic service get Name,PathName,StartMode,StartName | findstr /v "C:\Windows" | findstr /i /v """
Name            PathName                                       StartMode    StartName
HG52 AM VI      C:\Program Files\HomeGuard Pro\vglset.exe      Auto         LocalSystem
HG52 AMC        C:\Program Files\HomeGuard Pro\vglsetw.exe     Auto         LocalSystem
HG52 AM REM     C:\Program Files\HomeGuard Pro\vglrem.exe      Auto         LocalSystem
HG52 AM SRV     C:\Program Files\HomeGuard Pro\vglserv.exe     Auto         LocalSystem

## Insecure Folder Permission
C:\>icacls "C:\Program Files\HomeGuard Pro" | findstr /i "Users"
C:\Program Files\HomeGuard Pro               BUILTIN\Users:(F)

## Insecure File/Service Permission
C:\>icacls "C:\Program Files\HomeGuard Pro\VGL*" | findstr /i "Users"
C:\Program Files\HomeGuard Pro\vglrem.exe    BUILTIN\Users:(I)(F)
C:\Program Files\HomeGuard Pro\VGLSERV.EXE   BUILTIN\Users:(I)(F)
C:\Program Files\HomeGuard Pro\vglset.exe    BUILTIN\Users:(I)(F)
C:\Program Files\HomeGuard Pro\vglsetw.exe   BUILTIN\Users:(I)(F)
Release DateTitleTypePlatformAuthor
2020-09-15"Tailor MS 1.0 - Reflected Cross-Site Scripting"webappsphpboku
2020-09-03"BarracudaDrive v6.5 - Insecure Folder Permissions"localwindowsboku
2020-09-02"Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)"webappsphpboku
2020-08-13"GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)"webappsphpboku
2020-08-10"Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)"webappsphpboku
2020-07-26"LibreHealth 2.0.0 - Authenticated Remote Code Execution"webappsphpboku
2020-07-26"Online Course Registration 1.0 - Unauthenticated Remote Code Execution"webappsphpboku
2020-06-16"Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path"localwindowsboku
2020-06-10"10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH_DEP_ASLR)"localwindowsboku
2020-05-22"Gym Management System 1.0 - Unauthenticated Remote Code Execution"webappsphpboku
2020-05-07"Pisay Online E-Learning System 1.0 - Remote Code Execution"webappsphpboku
2020-05-01"ChemInv 1.0 - Authenticated Persistent Cross-Site Scripting"webappsphpboku
2020-05-01"Online Scheduling System 1.0 - Authentication Bypass"webappsphpboku
2020-05-01"Online Scheduling System 1.0 - Persistent Cross-Site Scripting"webappsphpboku
2020-04-20"Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path"localwindowsboku
2020-04-20"Atomic Alarm Clock 6.3 - Stack Overflow (Unicode+SEH)"localwindowsboku
2020-04-13"Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)"localwindowsboku
2020-02-17"DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path"localwindowsboku
2020-02-17"TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path"localwindowsboku
2020-02-17"Cuckoo Clock v5.0 - Buffer Overflow"localwindowsboku
2020-02-17"BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path"localwindowsboku
2020-02-14"SprintWork 2.3.1 - Local Privilege Escalation"localwindowsboku
2020-02-14"HomeGuard Pro 9.3.1 - Insecure Folder Permissions"localwindowsboku
2020-02-13"OpenTFTP 1.66 - Local Privilege Escalation"localwindowsboku
2020-02-11"Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path"localwindowsboku
2020-02-11"FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path"localwindowsboku
2020-02-11"freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path"localwindowsboku
2020-02-11"Torrent iPod Video Converter 1.51 - Stack Overflow"localwindowsboku
2020-02-11"Disk Savvy Enterprise 12.3.18 - Unquoted Service Path"localwindowsboku
2020-02-11"Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path"localwindowsboku
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/48068/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.