HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution

HP Data Protector Client 6.11 - EXECCMD Remote Code Execution Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability PoC ZDI-11-055 Date: 2011-05-28 Author: @fdiskyou e-mail: rui at deniable.org Version: 6.11 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0923...

smb-psexec NSE Script

Implements remote process execution similar to the Sysinternals' psexec tool, allowing a user to run a series of programs on a remote machine and read the output. This is great for gathering information about servers, running the same tool on a range of system, or even installing a backdoor on a...

Find Windows Admin Tools over WMI if IIS installed (win)

If IIS installed, find Windows Admin Tools over WMI: arp.exe, at.exe, atsvc.exe, cacls.exe, cmd.exe, cscript.exe, debug.exe, edit.com, edlin.exe, ftp.exe, finger.exe, ipconfig.exe, net.exe, netsh.exe, netstat.exe, nslookup.exe, ping.exe, poledit.exe, posix.exe, qbasic.exe, rcp.exe, rdisk.exe,...