[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

League of Legends Screensaver - Insecure File Permissions Privilege Escalation

Author
Vincent Yiu
Risk
[
Security Risk High
]
0day-ID
0day-ID-25593
Category
local exploits
Date add
07-06-2016
Platform
windows
# Exploit Title: League of Legends Screensaver Insecure File Permissions
Privilege Escalation
# CVE-ID: NA
# Date: 13/04/2016
# Exploit Author: Vincent Yiu
# Contact: vysec.private@gmail.com
# Vendor Homepage: http://www.leagueoflegends.com
# Software Link: screensaver.euw.leagueoflegends.com/en_US
# Version: MD5 Hash: 0C1B02079CA8BF850D59DD870BC09963
# Tested on: Windows 7 Professional x64 fully updated.
 
1. Description:
 
The League of Legends screensaver was installed with insecure file
permissions. It was found that all folder and file permissions were
incorrectly configured during installation. It was possible to replace the
service binary.
 
This was reported to Riot Games and has been rectified in the latest
version.
 
2. Proof
 
http://i.imgur.com/5fVijDK.png
 
3. Exploit:
 
Replace service.exe in 'C:\Riot Games\LolScreenSaver\service' to run
service.exe as SYSTEM.

#  0day.today [2024-12-25]  #