
0day vulnerability Sogou input method to obtain system privileges



###################################################################
# 0day vulnerability Sogou input method to obtain system privileges
###################################################################
Vulnerability:
I unintentionally found a very serious vulnerability, similar to the 3389 input method loophole of years past. However, a system on which the input method has not been loaded (no user has logged in) is not affected.
If Sogou input method is installed on a remote server and is loaded after logging in to the system, and the user then closes the remote connection directly without logging off or killing the Sogou input method in time,
the server is left in a very dangerous state.

Test environment:
OS: Windows 7 Ultimate
Sogou input method official version 4.3

Vulnerability Process Description:
Once Windows has loaded the Sogou input method (after logging in to the system),
lock the computer (Ctrl+Alt+Del) and switch to the Sogou input method. Entering letters brings up the Sogou Pinyin input method toolbar; clicking search there calls iexplore.exe.
From the IE address bar, the system32 directory can then be opened directly and cmd run. If the logged-in account is in the administrators group, this directly gives local system privileges.
###################################################################
# Discovered By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: k4mr4n_st@yahoo.com
###################################################################
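
The exposure described above depends on a session that was disconnected rather than logged off, so the input method stays loaded behind the locked screen. As an added example (not part of the original advisory), this script parses `quser` output to list such sessions for review; the sample output, user names, idle-time formats handled and the 30-minute threshold are assumptions.

```python
import re

# Constructed sample of `quser` output (not taken from the advisory).
SAMPLE_QUSER = """\
 USERNAME              SESSIONNAME        ID  STATE   IDLE TIME  LOGON TIME
 administrator                             2  Disc      1+02:15  3/1/2010 9:12 AM
>opsuser               rdp-tcp#1           3  Active          .  3/2/2010 10:02 AM
 backup                                    4  Disc            7  3/2/2010 11:40 AM
"""

# SESSIONNAME is blank for disconnected sessions, so it is optional here.
ROW = re.compile(
    r"^\s*>?(?P<user>\S+)\s+(?:(?P<session>\S+)\s+)?(?P<id>\d+)\s+"
    r"(?P<state>[A-Za-z]+)\s+(?P<idle>\S+)\s+(?P<logon>.+)$"
)

def idle_minutes(idle):
    """Convert an idle value ('.', 'none', 'M', 'H:MM', 'D+H:MM') to minutes."""
    if idle in (".", "none"):
        return 0
    days, _, rest = idle.rpartition("+")
    hours, _, minutes = rest.rpartition(":")
    return int(days or 0) * 1440 + int(hours or 0) * 60 + int(minutes)

def parse_quser(text):
    """Return one dict per session row, skipping the header line."""
    sessions = []
    for line in text.splitlines()[1:]:
        m = ROW.match(line)
        if m:
            row = m.groupdict()
            row["id"] = int(row["id"])
            row["idle_min"] = idle_minutes(row["idle"])
            sessions.append(row)
    return sessions

def stale_disconnected(text, max_idle_min=30):
    """Sessions left disconnected (not logged off) for at least max_idle_min."""
    return [s for s in parse_quser(text)
            if s["state"] == "Disc" and s["idle_min"] >= max_idle_min]

if __name__ == "__main__":
    for s in stale_disconnected(SAMPLE_QUSER):
        print(f"session {s['id']} ({s['user']}) disconnected, "
              f"idle {s['idle_min']} min: review, then: logoff {s['id']}")
```

On a real host, feed it the text captured from `quser` and log off the reported session IDs after review.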
