![]() The service readed something from it, wrote something to it. I launched ProcMon and started looking closely at the service’s behavior.Ī file placed at «C:\ProgramData\ABBYY\FineReader\15\Licenses\Licensing.cnt» grabbed my attention. The answer was «yes» – there was a service in this product (judging by the name «ABBYY network license server», it is licensing related), which is launched with NT AUTHORITY\SYSTEM privileges by default. I downloaded a FineReader trial version from ABBYY website and quickly tested it on whether it is relevant to search for privilege escalation vulnerabilities. This vulnerability was assigned CVE-2019-20383, here is a link to ABBYY website. TL DR: I am going to tell how you can escalate privileges from user to NT AUTHORITY\SYSTEM in 10 minutes, using the licensing component of ABBYY FineReader. But today it is not about a gaming launcher, but a desktop application ABBYY FineReader. I continue my series about Windows applications privilege escalation discovery.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |