CVE-2011-0923
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
Exploitation Summary
EIP tracks 7 public exploits for CVE-2011-0923.
PoCs published by Metasploit, fdiskyou, Alessandro Di Pinto & Claudio Moletta, including Metasploit module auxiliary/admin/hp/hp_data_protector_cmd.
Description
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
Exploits (7)
This Metasploit module exploits CVE-2011-0923 in HP Data Protector 6.10/6.11 by sending a malformed packet to port 5555, leveraging the EXEC_CMD vulnerability to achieve remote code execution as root via directory traversal to /bin/sh.
This exploit leverages a directory traversal vulnerability in HP Data Protector Client to execute arbitrary commands (e.g., ipconfig.exe) remotely. The payload constructs a malicious path to traverse directories and execute a system command.
This exploit leverages a vulnerability in HP Data Protector to execute arbitrary commands via a crafted packet sent to the target service. It bypasses limitations of existing exploits by using the installed Perl interpreter to execute commands with arguments.
This exploit targets a remote command execution vulnerability in HP Data Protector (CVE-2011-0923) by sending a crafted shellcode payload via netcat to a specified host and port. The shellcode is designed to traverse directories and execute arbitrary commands as root.
This exploit targets a remote command execution vulnerability in HP Data Protector on HPUX systems. It sends a crafted shellcode payload followed by a command to a specified host and port using netcat.
This Metasploit module exploits HP Data Protector 6.1 by sending a crafted EXEC_CMD packet to the omniinet process, triggering arbitrary command execution via CreateProcess() when the specified file is found. The exploit leverages a path traversal technique to execute commands under the C:\ directory.
This Metasploit module exploits a vulnerability in HP Data Protector 6.10/6.11/6.20 on Linux, allowing unauthenticated remote code execution via the EXEC_CMD command. It constructs a malicious packet to traverse to /bin/sh and execute arbitrary commands as root.