# Exploit Title: SUPERAntiSpyware Professional X Trial < 10.0.1206 Local Privilege Escalation  
# Date: 2020-08-28  
# Exploit Author: b1nary  
# Vendor Homepage:  
# Software Link:  
# Version: 10.0.1206 (lower versions are affected as well)  
# Vulnerability Description  
SUPERAntiSpyware Professional X Trial versions prior to 10.0.1206 are vulnerable to local privilege escalation because it allows unprivileged users to restore quarantined files to a privileged location through a NTFS directory junction.  
# Proof of Concept  
1. Place a dll payload in an empty folder  
2. Scan the payload with the SUPERAntiSpyware Professional X Trial in order to get it detected.  
3. Once it is detected and moved to quarantine, create a NTFS directory junction.  
4. Restore the payload and reboot the system.  
Full PoC video:  
# References