Metasploit modules that can be used to exploit HP » Loadrunner
-
HP LoadRunner EmulationAdmin Web Service Directory Traversal
Disclosure Date: 2013-10-30First seen: 2020-04-26exploit/windows/http/hp_loadrunner_copyfiletoserverThis module exploits a directory traversal vulnerability in version 11.52 of HP LoadRunner. The vulnerability exists in the EmulationAdmin web service, specifically in the copyFileToServer method, allowing the upload of arbitrary files. This module has been tested successfully on HP LoadRunner 11.52 on Windows 2003 SP2. Authors: - rgod <rgod@autistici.org> - juan vazquez <juan.vazquez@metasploit.com> -
HP LoadRunner magentproc.exe Overflow
Disclosure Date: 2013-07-27First seen: 2020-04-26exploit/windows/misc/hp_loadrunner_magentprocThis module exploits a stack buffer overflow in HP LoadRunner before 11.52. The vulnerability exists on the LoadRunner Agent Process magentproc.exe. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. Authors: - Unknown - juan vazquez <juan.vazquez@metasploit.com> -
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
Disclosure Date: 2013-07-24First seen: 2020-04-26exploit/windows/browser/hp_loadrunner_writefilebinaryThis module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileBinary method where user provided data is used as a memory pointer. This module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the LrWebIERREWrapper.dll 11.50.2216.0. In order to bypass ASLR the no aslr compatible module msvcr71.dll is used. This one is installed with HP LoadRunner. Authors: - rgod <rgod@autistici.org> - juan vazquez <juan.vazquez@metasploit.com> -
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Disclosure Date: 2013-07-24First seen: 2020-04-26exploit/windows/browser/hp_loadrunner_writefilestringThis module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary. Authors: - Brian Gorenc - juan vazquez <juan.vazquez@metasploit.com> -
HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution
Disclosure Date: 2010-05-06First seen: 2020-04-26exploit/windows/misc/hp_loadrunner_magentproc_cmdexecThis module exploits a remote command execution vulnerablity in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulneable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is vulnerable provided the Secure Channel feature is disabled (default). Authors: - Unknown - aushack <patrick@osisecurity.com.au> -
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
Disclosure Date: 2009-09-29First seen: 2020-04-26exploit/windows/browser/persits_xupload_traversalThis module exploits a directory traversal in Persits Software Inc's XUpload ActiveX control(version 3.0.0.3) that's included in HP LoadRunner 9.5. By passing a string containing "..\" sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on disk. Code execution occurs by writing to the All Users Startup Programs directory. You may want to combine this module with the use of exploit/multi/handler since a user would have to log for the payload to execute. Authors: - jduck <jduck@metasploit.com> -
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
Disclosure Date: 2007-12-25First seen: 2020-04-26exploit/windows/browser/hp_loadrunner_addfolderThis module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX control(version 2.1.0.1) thats included in HP LoadRunner 9.0. By passing an overly long string to the AddFolder method, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
7 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details