# Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation # Exploit Author: Salman Asad (@deathflash1411) # Date: 17.06.2021 # Version: Remote Mouse 3.008 # Tested on: Windows 10 Pro Version 21H1 # Note: Local/RDP access is required to exploit this vulnerability This method is also known as Citrix Method (Insecure GUI App) After installation remote mouse runs as administrator and autostarts by default PoC: Open remote mouse from the system tray Go to Settings Click "Change..." in the "Image Transfer Folder" area Save As prompt will appear Enter "C:\Windows\System32\cmd.exe" Command Prompt is spawned with administrator privileges
Credits and Partners
All rights reserved nPulse.net 2009 - 2025
Powered by: MVCP2 / BVCP / ASPF-MILTER / PHP 8.3 / NGINX / FreeBSD
