iCAM Workstation Control 4.8.0.0 - Authentication Bypass

EDB-ID:

32158

CVE:



Platform:

Windows

Published:

2014-03-10

# Exploit Title: iCAM Workstation Control Software Local Authentication Bypass
# Google Dork:
# Vendor: Insight Media Internet Limited is based in the North West of England, and has 10 years experience in developing both internet and software solutions.
  Our staff are focused and committed to offering the best possible service and assistance to customers both old and new.
# Product: iCAM Workstation Control is a PC booking system designed to give organisations complete control over the access and pre-booking of publicly accessible workstations.
# Details: There is a simple local exploit in iCAM workstation control which allows a user to bypass the login screen and access the Local Disk Drive to launch applications such as a Web Browser.
# Exploitation-Technique: Local
# Date: 06-03-2014
# Exploit Author: StealthHydra
# Vendor Homepage: http://www.insight-media.co.uk/index.php?id=9
# Software Link: 
# Version: 4.8.0.0
# Tested on: Windows 7
# CVE : 
# Method:
=========

1.) From the login screen most keys are blocked accept alphanumeric keys. However if you press the Alt & Tab hotkey then you can access the desktop of the user currently running the iCAM client.

2.) Although a blank desktop, you can then press the shortcut for the Windows Help feature - Windows key & F1

3.) Once in the windows help if you type in a random string into the search box and press enter, windows explorer appears. 

4.) Once in the windows explorer you can launch various applications by navigating the windows file system.