Skip to content
GOG Galaxy Exploit for CVE-2019-15511
Python
Branch: master
Clone or download
Latest commit b3c1dbc Nov 15, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
exploit.py

README.md

GOG Galaxy Exploit for CVE-2019-15511

usage: exploit.py [-h]
                 [--action {LaunchElevatedRequest,FixDirectoryPrivilegesRequest,CreateDirectoryRequest,QueryProcessInfoRequest,InstallServiceRequest,DeleteServiceRequest,MoveAndVerifyGlobalDependencyRequest}]
                 target

positional arguments:
  target

optional arguments:
  -h, --help            show this help message and exit
  --action {LaunchElevatedRequest,FixDirectoryPrivilegesRequest,CreateDirectoryRequest,QueryProcessInfoRequest,InstallServiceRequest,DeleteServiceRequest,MoveAndVerifyGlobalDependencyRequest}

It exploits lack of auth when sensitive GalaxyClientService methods are called. Try FixDirectoryPrivilegesRequest (grants EVERYONE access to target file) or CreateDirectoryRequest (creates directory in target location) to see it in action.

You can’t perform that action at this time.