Exploits

portfolis · **on:** July 16, 2015, 06:15:34 AM

Hello

There are exploits for HFS and at least some of them really work on 2.3e. Can you fix it?
https://www.exploit-db.com/exploits/34852/
https://www.exploit-db.com/exploits/34668/
https://www.exploit-db.com/exploits/30850/
https://www.exploit-db.com/exploits/31056/
https://www.exploit-db.com/exploits/34926/

bmartino1 · **Reply #1 on:** July 16, 2015, 12:57:50 PM

re read you database, they have been fixed:

https://www.exploit-db.com/exploits/34852/ applies to these hfs versions: HTTP File Server 2.3a - 2.3b - 2.3c ...

https://www.exploit-db.com/exploits/34668/ was the orginal 0day exdploit on the forum that has been solved...

Has already been patched, another "programer / ethecial hacker Author: metasploit https://www.exploit-db.com/exploits/34926/ vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas (the 0day exploit, some detail in the code...

https://www.exploit-db.com/exploits/30850/ applies to these hfs versions: versions prior to HTTP File Server 2.2b

----------------------^ have been patched ^---------------------------

i would have rejeto double check these tow, as it goes over code, unsure if its a script that Author: Felipe M. Aragon has done, but is news to me... Probably have been patched by now...

https://www.exploit-db.com/exploits/31056/ ???DOS attack

portfolis · **Reply #2 on:** July 16, 2015, 09:25:57 PM

Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?

Mars · **Reply #3 on:** July 16, 2015, 10:04:00 PM

EDB-ID: 31056    CVE: 2008-0406    OSVDB-ID: 42509
Verified:    Author: Felipe M. Aragon    Published: 2008-01-23
Download Exploit: Source Raw    Download Vulnerable App: N/A

one has only to look at the date of publication to realize that HFS has evolved into security -> obsolete threat

bmartino1 · **Reply #4 on:** July 16, 2015, 10:33:32 PM

Quote from: portfolis on July 16, 2015, 09:25:57 PM

Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?

I totally forgot to look at the date on that one... :p

Thank you Mars, so Yeah, so far, the exploits are all patched...(the one reported anyways...)

portfolis · **Reply #5 on:** July 17, 2015, 08:47:57 PM

Ok
Thank you

username1565 · **Reply #6 on:** February 27, 2019, 04:11:12 PM

What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?

bmartino1 · **Reply #7 on:** March 01, 2019, 01:31:47 PM

Quote from: username1565 on February 27, 2019, 04:11:12 PM

What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?

Yes, that was the original 2014 remote command verio . The bug was I. The search setting with the template I. Wothch special characters when searched (such as the null byte). This has been patch by multiple versions atm.

username1565 · **Reply #8 on:** March 15, 2019, 04:34:54 PM

What's is this I see near HFS executable file?
UPD: Version of hfs.exe and hashes, you can see here

Inside the folder %TEMP% which I will not saw earlier, I see *.vbs files with following code:
Is this exploit or not?

rejetto · **Reply #9 on:** March 17, 2019, 05:32:32 PM

i'm sorry but you were clearly attacked because of some bug.
I read from another topic that you are using 2.3a, and that explains all.
Sadly, in the world of server software you cannot stay behind updates and be exposed on the internet. You could only if you stayed in a closed and safe environment, or you make a detailed research and find that no update you are missing contains critical fixes.

Exploits

portfolis

Exploits

bmartino1

Re: Exploits

portfolis

Re: Exploits

Mars

Re: Exploits

bmartino1

Re: Exploits

portfolis

Re: Exploits

username1565

Re: Exploits

bmartino1

Re: Exploits

username1565

Re: Exploits

rejetto

Re: Exploits