rejetto forum

Software => HFS ~ HTTP File Server => Bug reports => Topic started by: portfolis on July 16, 2015, 06:15:34 AM

Title: Exploits
Post by: portfolis on July 16, 2015, 06:15:34 AM
Hello

There are exploits for HFS and at least some of them really work on 2.3e. Can you fix it?
https://www.exploit-db.com/exploits/34852/
https://www.exploit-db.com/exploits/34668/
https://www.exploit-db.com/exploits/30850/
https://www.exploit-db.com/exploits/31056/
https://www.exploit-db.com/exploits/34926/
Title: Re: Exploits
Post by: bmartino1 on July 16, 2015, 12:57:50 PM
re read you database, they have been fixed:

https://www.exploit-db.com/exploits/34852/ applies to these hfs versions: HTTP File Server 2.3a - 2.3b - 2.3c ...


https://www.exploit-db.com/exploits/34668/ was the orginal 0day exdploit on the forum that has been solved...

Has already been patched, another "programer / ethecial hacker Author: metasploit https://www.exploit-db.com/exploits/34926/  vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas (the 0day exploit, some detail in the code...

https://www.exploit-db.com/exploits/30850/ applies to these hfs versions: versions prior to HTTP File Server 2.2b

----------------------^ have been patched ^---------------------------

i would have rejeto double check these tow, as it goes over code, unsure if its a script that Author: Felipe M. Aragon has done, but is news to me... Probably have been patched by now...

https://www.exploit-db.com/exploits/31056/ ???DOS attack
Title: Re: Exploits
Post by: portfolis on July 16, 2015, 09:25:57 PM
Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?
Title: Re: Exploits
Post by: Mars on July 16, 2015, 10:04:00 PM
EDB-ID: 31056    CVE: 2008-0406    OSVDB-ID: 42509
Verified:    Author: Felipe M. Aragon    Published: 2008-01-23
Download Exploit: Source Raw    Download Vulnerable App: N/A


one has only to look at the date of publication to realize that HFS has evolved into security -> obsolete threat


Title: Re: Exploits
Post by: bmartino1 on July 16, 2015, 10:33:32 PM
Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?

I totally forgot to look at the date on that one... :p

Thank you Mars, so Yeah, so far, the exploits are all patched...(the one reported anyways...)
Title: Re: Exploits
Post by: portfolis on July 17, 2015, 08:47:57 PM
Ok
Thank you
Title: Re: Exploits
Post by: username1565 on February 27, 2019, 04:11:12 PM
What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?
Title: Re: Exploits
Post by: bmartino1 on March 01, 2019, 01:31:47 PM
What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?

Yes, that was the original 2014 remote command verio . The bug was I. The search setting with the template I. Wothch special characters when searched (such as the null byte). This has been patch by multiple versions atm.
Title: Re: Exploits
Post by: username1565 on March 15, 2019, 04:34:54 PM
What's is this I see near HFS executable file?
UPD: Version of hfs.exe and hashes, you can see here (http://rejetto.com/forum/index.php?topic=13125.msg1064467#msg1064467)

Inside the folder %TEMP% which I will not saw earlier, I see *.vbs files with following code:
Is this exploit or not?

(https://i.imgur.com/0rDMeEw.jpg) (https://imgur.com/0rDMeEw)
Title: Re: Exploits
Post by: rejetto on March 17, 2019, 05:32:32 PM
i'm sorry but you were clearly attacked because of some bug.
I read from another topic (http://rejetto.com/forum/index.php?topic=13125) that you are using 2.3a, and that explains all.
Sadly, in the world of server software you cannot stay behind updates and be exposed on the internet. You could only if you stayed in a closed and safe environment, or you make a detailed research and find that no update you are missing contains critical fixes.