This script allows executing a command with an arbitrary number of arguments on the target system by using the 'perl.exe' interpreter installed with HP Data Protector within the {install_path}/bin/
directory.
The main goal of this script is to bypass the limitation of executing only a single command without parameters, as provided by existing exploits. This exploit leverages a vulnerability in HP Data Protector to run any command on the target system.
- Microsoft Windows
- HP Data Protector A.06.20
python3 exploit.py <target> <port> <command>
python3 exploit.py 192.168.1.1 5555 'dir c:\'
python3 exploit.py 192.168.1.1 5555 'ipconfig /all'
python3 exploit.py 192.168.1.1 5555 'net user back-user b@ckUs3r!$ /ADD'
- Alessandro Di Pinto (alessandro.dipinto@artificialstudios.org)
- Claudio Moletta (mclaudio@gmail.com)
- Adapted to Python 3 by Ian Lovering
This script is based on the original exploit developed by Alessandro Di Pinto and Claudio Moletta. It has been adapted and updated to be functional in Python 3, ensuring compatibility with modern versions of Python.