what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution https://packetstormsecurity.com/files/108769/hp_easy_printer_care_xmlcachemgr.rb.txt https://packetstormsecurity.com/files/108769/hp_easy_printer_care_xmlcachemgr.rb.txt https://packetstormsecurity.com/files/108769/HP-Easy-Printer-Care-XMLCacheMgr-Class-ActiveX-Control-Remote-Code-Execution.html Wed, 18 Jan 2012 01:10:45 GMT This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "CacheDocumentXMLWithId" method from the "XMLCacheMgr" class in the HP Easy Printer HPTicketMgr.dll ActiveX Control (HPTicketMgr.dll 2.7.2.0). Code execution can be achieved by first uploading the payload to the remote machine embedding a vbs file, and then upload another mof file, which enables Windows Management Instrumentation service to execute the vbs. Please note that this module currently only works for Windows before Vista.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close