Beautify description

jvazquez-r7 · jvazquez-r7 · commit fa9d9211382a · 2015-03-04T13:07:10.000-06:00
diff --git a/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb b/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb
@@ -16,11 +16,15 @@ def initialize(info={})
     super(update_info(info,
       'Name'           => 'HP Data Protector 8.10 Remote Command Execution',
       'Description'    => %q{
-        A remote command execution is triggered when a crafted command is sent to the Hp Data
-        Protector Manager on TCP Port 5555.
+        This module exploits a remote command execution on HP Data Protector 8.10. Arbitrary
+        commands can be execute by sending crafted requests with opcode 28 to the OmniInet
+        service listening on the TCP/5555 port. Since there is an strict length limitation on
+        the command, rundll32.exe is executed, and the payload is provided through a DLL by a
+        fake SMB server. This module has been tested successfully on HP Data Protector 8.1 on
+        Windows 7 SP1.
       },
       'Author'         => [
-        'Christian Ramirez', # POC,
+        'Christian Ramirez', # POC
         'Henoch Barrera', # POC
         'Matthew Hall <hallm[at]sec-1.com>' # Metasploit Module
       ],
