HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution

HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution

This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is […]

The post HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution appeared first on MondoUnix.

Oracle MySQL UDF Payload Execution

Oracle MySQL UDF Payload Execution

This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT … into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave […]

The post Oracle MySQL UDF Payload Execution appeared first on MondoUnix.

Microsoft Windows LNK File Code Execution

Microsoft Windows LNK File Code Execution

This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except an additional SpecialFolderDataBlock is included. The folder ID set in this SpecialFolderDataBlock is set to the […]

The post Microsoft Windows LNK File Code Execution appeared first on MondoUnix.

tnftp “savefile” Arbitrary Command Execution

tnftp “savefile” Arbitrary Command Execution

This Metasploit module exploits an arbitrary command execution vulnerability in tnftp’s handling of the resolved output filename – called “savefile” in the source – from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component of the requested resource. If the output filename […]

The post tnftp “savefile” Arbitrary Command Execution appeared first on MondoUnix.