infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix metadata

bug/bundler_fix
jvazquez-r7 2014-10-08 10:29:59 -05:00
parent a2a2ca550e
commit d913bf1c35
1 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
modules/exploits/windows/http/http_file_server_exec.rb
View File

@ -15,11 +15,12 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
'Name' => "HttpFileServer 2.3.x Remote Command Execution",
'Name' => "HttpFileServer Remote Command Execution",
'Description' => %q{
HFS is vulnerable to remote command execution attack due to a poor regex in the file
ParserLib.pas. This module exploit the HFS scripting commands by using '%00' to bypass
the filtering.
HttpFileServer (HFS) is vulnerable to remote command execution attack due to a poor regex
in the file ParserLib.pas. This module exploit the HFS scripting commands by using '%00'
to bypass the filtering. This module has been tested successfully on HFS 2.3b over Windows
XP SP3, Windows 7 SP1 and Windows 8.
},
'License' => MSF_LICENSE,
'Author' =>
@ -29,17 +30,12 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
['URL', 'http://seclists.org/bugtraq/2014/Sep/85'],
['URL', 'http://www.rejetto.com/hfs/download'],
['URL', 'http://www.rejetto.com/wiki/index.php?title=HFS:_scripting_commands'],
['CVE', '2014-6287'],
['OSVDB', '111386'],
['URL', 'http://seclists.org/bugtraq/2014/Sep/85'],
['URL', 'http://www.rejetto.com/wiki/index.php?title=HFS:_scripting_commands']
],
'Payload' => { 'BadChars' => "\x0d\x0a\x00" },
# Tested HFS 2.3b :
# - Windows XP (Build 2600, Service Pack 3).
# - Windows 7 (Build 7601, Service Pack 1).
# - Windows 8 (Build 9200).
'Platform' => 'win',
'Targets' =>
[