Misconfigured software installations/insecure file permissions
In this recipe, we look at an attacker can misconfigured software installations and escalate privileges on the application. This is one of the classic examples where the installed setup is configured without considering the user's rights over the files and folders of the application.
Getting ready
For this recipe, we will need to install an called WinSMS. This can be downloaded from https://www.exploit-db.com/exploits/40375/ and can be installed on any Windows machine running XP, Vista, 7, or 10. For demo purposes, we will be using Windows 7. Apart from this, we will need our Kali system up and running to take the reverse shell.
How to do it...
- Once we install the application, we will execute our command prompt and check for the permissions on the folder where the file has installed itself. Enter the following command:
cacls "C:\Program Files\WinSMS"
The output will be as shown in the following screenshot:
- As we can see...