0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation
# Exploit Title: Zapya Desktop Version ('ZapyaService.exe') Privilege Escalation # Date: 2016/9/12 # Exploit Author: Arash Khazaei # Vendor Homepage: http://www.izapya.com/ # Software Link: http://binaries.izapya.com/Izapya/Windows_PC/ZapyaSetup_1803_en.exe # Version: 1.803 (Latest) # Tested on: Windows 7 Professional X86 - Windows 10 Pro X64 # CVE : N/A ====================== # Description : # Zapya is a 100% free tool for sharing files across devices like Android, iPhone, iPad, Window’s Phone, PC, and Mac computers in an instant. # It’s Easy to use and supports multiple languages. We are already a community of 300 million strong users and growing rapidly. # When You Install Zapya Desktop , Zapya Will Install A Service Named ZapyaService.exe And It's Placed In Zapya Installation Directory . # If We Replace The ZapyaService.exe File With A Malicious Executable File It Will Execute As NT/SYSTEM User Privilege. ====================== # Proof Of Concept : # 1- Install Zapya Desktop . # 2- Generate A Meterpreter Executable Payload . # 3- Stop Service And Replace It With ZapyaService.exe With Exact Name. # 4- Listen Handler For Connection And Start Service Again or Open Zapya Desktop , Application Will Attempt To Start Service # 5- After Starting Service We Have Reverse Meterpreter Shell With NT/SYSTEM Privilege. ================== # Discovered By Arash Khazaei ================== # 0day.today [2024-09-28] #