rejetto forum

Exploits

portfolis · 10 · 17304

0 Members and 1 Guest are viewing this topic.


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
re read you database, they have been fixed:

https://www.exploit-db.com/exploits/34852/ applies to these hfs versions: HTTP File Server 2.3a - 2.3b - 2.3c ...


https://www.exploit-db.com/exploits/34668/ was the orginal 0day exdploit on the forum that has been solved...

Has already been patched, another "programer / ethecial hacker Author: metasploit https://www.exploit-db.com/exploits/34926/  vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas (the 0day exploit, some detail in the code...

https://www.exploit-db.com/exploits/30850/ applies to these hfs versions: versions prior to HTTP File Server 2.2b

----------------------^ have been patched ^---------------------------

i would have rejeto double check these tow, as it goes over code, unsure if its a script that Author: Felipe M. Aragon has done, but is news to me... Probably have been patched by now...

https://www.exploit-db.com/exploits/31056/ ???DOS attack
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline portfolis

  • Occasional poster
  • *
    • Posts: 3
    • View Profile
Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?


Offline Mars

  • Operator
  • Tireless poster
  • *****
    • Posts: 2063
    • View Profile
EDB-ID: 31056    CVE: 2008-0406    OSVDB-ID: 42509
Verified:    Author: Felipe M. Aragon    Published: 2008-01-23
Download Exploit: Source Raw    Download Vulnerable App: N/A


one has only to look at the date of publication to realize that HFS has evolved into security -> obsolete threat




Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Thank you very much for your answer

So, what do you advice me to do with this https://www.exploit-db.com/exploits/31056/ ? Is it fixed or it's better to wait for new version of hfs?

I totally forgot to look at the date on that one... :p

Thank you Mars, so Yeah, so far, the exploits are all patched...(the one reported anyways...)
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing



Offline username1565

  • Occasional poster
  • *
    • Posts: 35
    • View Profile

Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
What is this: https://www.exploit-db.com/exploits/39161
Is this fixed? How to fix this?

Yes, that was the original 2014 remote command verio . The bug was I. The search setting with the template I. Wothch special characters when searched (such as the null byte). This has been patch by multiple versions atm.
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline username1565

  • Occasional poster
  • *
    • Posts: 35
    • View Profile
What's is this I see near HFS executable file?
UPD: Version of hfs.exe and hashes, you can see here

Inside the folder %TEMP% which I will not saw earlier, I see *.vbs files with following code:
Is this exploit or not?

« Last Edit: March 16, 2019, 11:27:11 AM by username1565 »


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13523
    • View Profile
i'm sorry but you were clearly attacked because of some bug.
I read from another topic that you are using 2.3a, and that explains all.
Sadly, in the world of server software you cannot stay behind updates and be exposed on the internet. You could only if you stayed in a closed and safe environment, or you make a detailed research and find that no update you are missing contains critical fixes.