Metasploit modules that can be used to exploit Persits products
-
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
Disclosure Date: 2009-09-29First seen: 2020-04-26exploit/windows/browser/persits_xupload_traversalThis module exploits a directory traversal in Persits Software Inc's XUpload ActiveX control(version 3.0.0.3) that's included in HP LoadRunner 9.5. By passing a string containing "..\" sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on disk. Code execution occurs by writing to the All Users Startup Programs directory. You may want to combine this module with the use of exploit/multi/handler since a user would have to log for the payload to execute. Authors: - jduck <jduck@metasploit.com> -
Persits XUpload ActiveX AddFile Buffer Overflow
Disclosure Date: 2008-01-25First seen: 2020-04-26exploit/windows/browser/hp_loadrunner_addfileThis module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX control(version 3.0.0.3) thats included in HP LoadRunner 9.5. By passing an overly long string to the AddFile method, an attacker may be able to execute arbitrary code. Authors: - jduck <jduck@metasploit.com> -
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
Disclosure Date: 2007-12-25First seen: 2020-04-26exploit/windows/browser/hp_loadrunner_addfolderThis module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX control(version 2.1.0.1) thats included in HP LoadRunner 9.0. By passing an overly long string to the AddFolder method, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
3 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details