Add new target thanks for cabetux

2012-08-15 16:06:09 -05:00 · 2012-08-15 16:06:09 -05:00 · a228e42630
parent ac2e3dd44e
commit a228e42630
1 changed files with 8 additions and 6 deletions
--- a/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb
+++ b/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb
@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote

 	def initialize(info = {})
 		super(update_info(info,
-			'Name'            => 'HP Data Protector 6.1 EXEC_CMD Remote Code Execution',
+			'Name'            => 'HP Data Protector 6 EXEC_CMD Remote Code Execution',
 			'Description'     => %q{
 				This exploit abuses a vulnerability in the HP Data Protector service. This
 				flaw allows an unauthenticated attacker to take advantage of the EXEC_CMD
@ -23,9 +23,10 @@ class Metasploit3 < Msf::Exploit::Remote
 			},
 			'Author'          =>
 				[
-					'ch0ks',    # poc
-					'c4an',     # msf poc
-					'wireghoul' # Improved msf
+					'ch0ks',          # poc
+					'c4an',           # msf poc
+					'wireghoul',      # Improved msf
+					'Javier Ignacio'  #Verified on A06.20
 				],
 			'References'      =>
 				[
@ -33,7 +34,8 @@ class Metasploit3 < Msf::Exploit::Remote
 					[ 'OSVDB', '72526'],
 					[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-11-055/'],
 					[ 'URL', 'http://c4an-dl.blogspot.com/hp-data-protector-vuln.html'],
-					[ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux']
+					[ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux'],
+					[ 'URL', 'https://community.rapid7.com/thread/2253' ]
 				],
 			'DisclosureDate'  => 'Feb 7 2011',
 			'Platform'        => [ 'unix','linux'],
@ -46,7 +48,7 @@ class Metasploit3 < Msf::Exploit::Remote
 				},
 			'Targets'         =>
 				[
-					[ 'HP Data Protector 6.10/6.11 on Linux', {}]
+					[ 'HP Data Protector 6.10/6.11/6.20 on Linux', {}]
 				],
 			'DefaultTarget'   => 0
 		))