HPE Intelligent Management Center dbman Command 10001 Information Disclosure

Software Link: https://h10145.www1.hpe.com/Downloads/DownloadSoftware.aspx?SoftwareReleaseUId=16759&ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535&SaidNumber=

Tested on Version: iMC_PLAT_7.1_E0302_Standard_Windows and iMC_PLAT_7.2_E0403_Std_Win

Tested on: Windows 7

CVE : CVE-2019-5392

Conversion of Nessus Plugin to Python Exploit

Nessus Plugin Name: hp_imc_dbman_cmd_10001_info_disclosure.nasl

Description: This vulnerability allow remote attacker to view the contents of arbitrary directories under the security context of the SYSTEM or root user.

Exploit-DB: https://www.exploit-db.com/exploits/47408

In this exploit I converted the Nessus Plugin to Python by using Exploit https://www.exploit-db.com/exploits/43198

POC of iMC_PLAT_7.1_E0302_Standard_Windows

POC of iMC_PLAT_7.2_E0403_Std_Win

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
1.PNG		1.PNG
2.PNG		2.PNG
3.PNG		3.PNG
4.PNG		4.PNG
HPE_Opcode_10001_Information_Disclosure_Exploit.py		HPE_Opcode_10001_Information_Disclosure_Exploit.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

1.PNG

1.PNG

2.PNG

2.PNG

3.PNG

3.PNG

4.PNG

4.PNG

HPE_Opcode_10001_Information_Disclosure_Exploit.py

HPE_Opcode_10001_Information_Disclosure_Exploit.py

README.md

README.md

Repository files navigation

HPE Intelligent Management Center dbman Command 10001 Information Disclosure

Software Link: https://h10145.www1.hpe.com/Downloads/DownloadSoftware.aspx?SoftwareReleaseUId=16759&ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535&SaidNumber=

Tested on Version: iMC_PLAT_7.1_E0302_Standard_Windows and iMC_PLAT_7.2_E0403_Std_Win

Tested on: Windows 7

CVE : CVE-2019-5392

Conversion of Nessus Plugin to Python Exploit

Nessus Plugin Name: hp_imc_dbman_cmd_10001_info_disclosure.nasl

Description: This vulnerability allow remote attacker to view the contents of arbitrary directories under the security context of the SYSTEM or root user.

See Also: https://www.tenable.com/plugins/nessus/118038

Exploit-DB: https://www.exploit-db.com/exploits/47408

POC of iMC_PLAT_7.1_E0302_Standard_Windows

POC of iMC_PLAT_7.2_E0403_Std_Win

About

Releases

Packages

Languages

crazywifi/HPE-Intelligent-Management-Center-dbman-Command-10001-Information-Disclosure

Folders and files

Latest commit

History

Repository files navigation

HPE Intelligent Management Center dbman Command 10001 Information Disclosure

Software Link: https://h10145.www1.hpe.com/Downloads/DownloadSoftware.aspx?SoftwareReleaseUId=16759&ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535&SaidNumber=

Tested on Version: iMC_PLAT_7.1_E0302_Standard_Windows and iMC_PLAT_7.2_E0403_Std_Win

Tested on: Windows 7

CVE : CVE-2019-5392

Conversion of Nessus Plugin to Python Exploit

Nessus Plugin Name: hp_imc_dbman_cmd_10001_info_disclosure.nasl

Description: This vulnerability allow remote attacker to view the contents of arbitrary directories under the security context of the SYSTEM or root user.

See Also: https://www.tenable.com/plugins/nessus/118038

Exploit-DB: https://www.exploit-db.com/exploits/47408

POC of iMC_PLAT_7.1_E0302_Standard_Windows

POC of iMC_PLAT_7.2_E0403_Std_Win

About

Resources

Stars

Watchers

Forks

Languages