# HP Nonstop

### Background

The HP Nonstop is the mainframe that I have done most of my research on. Links to my blogpost and whitepaper can be found below.

Blogpost:&#x20;

Whitepaper:

These teach the basics of HP Nonstop and the basics of privilege escalation techniques for HP Nonstop. This is a cheat sheet for commands on the HP Nonstop and some notes that may be helpful when testing them.

### Command Prompts&#x20;

Within HP Nonstop, a lot of the interaction happens by dropping into a processes shell and interacting with it directly. Each process has a different terminal prompt. These are useful to know and will be important for following along with the commands.&#x20;

| Prompt | Terminal                                                              |
| ------ | --------------------------------------------------------------------- |
| >      | TACL Shell. (Like Bash) Enter this shell by typing TACL.              |
| =      | Safeguard shell for querying Safeguard. Enter this by typing SAFECOM. |
| ?      |                                                                       |
| ;      |                                                                       |
|        |                                                                       |

### Commands

Safeguard Enumeration:&#x20;

```
>SAFECOM; INFO DETAIL,

>SAFECOM; INFO VOLUME $*

>SAFECOM; INFO SUBVOL $*.*

>SAFECOM; INFO DISKFILE $*.*.*

>SAFECOM; INFO USER *.*
```

Guardian Enumeration:

```
>PROMPT BOTH

>WHO

>OSH (from here run normal linux commands) 

>VOLUME (cd equivalent)

>FILEINFO (ls equivalent) 

>#PMSEARCHLIST ($PATH equivalent)

>DSAP

>Processes

>SQL datasets
```

PMSEARCHLIST Privesc

```
>#PMSEARCHLIST
$SYSTEM.SYSTEM $SYSTEM.PARMLIB

>SAFECOM; INFO SUBVOL $SYSTEM.SYSTEM 
NO RECORD FOUND 

>SAFECOM; INFO SUBVOL $SYSTEM.PARMLIB
NO RECORD FOUND

>VOLUME $SYSTEM.SYSTEM
>FILEINFO


>TEDIT VULNMACRO

```

Hello World TACL Macro POC

```
```

Process Privesc

```
```

PROGID Privesc

```
```

CMON Privesc

```
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://cheats.philkeeble.com/mainframes/hp-nonstop.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.