CVE-2014-6287

HttpFileServer httpd 2.3

Modified version of CVE-2014-6287 python script

cheatsheets and exploit code/scripts

Exploits/Tools/Cheatsheets Exploits OS Link CVE-2017-7269 Windows here Kernel 224 PrivEsc (ptrace kmod) Linux here Kernel 2637 full nelson Linux here MS08-067 Python Reverse Shell Windows here MS10-015 KiTrap0D Windows here MS11-046 afd privesc Windows here MS13-053 NTUserMessageCall Windows here MS14-058 HttpFileServer 23 RCE (CVE-2014-6287) Windows h

A write up on the Steel Mountain box from TryHackMe.com and exploit for CVE-2014-6287

THM-Steel_Mountain-CVE-2014-6287 A write up on the Steel Mountain box from TryHackMecom and exploit for CVE-2014-6287 Credits I take no credit for the original discovery and exploitation of this vulnerability Thank you to the following people! Discovery: Daniele Linguaglossa Metasploit Module Author: Muhamad Fadzil Ramli TryHackMe Room & Author: tryhackmecom/

I lerarnhow haced the Windows machine. I use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and I learn a new technique to get Administrator access.

THM-SteelMountain I lerarn how haced the Windows machine I use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and I learn a new technique to get Administrator access <THM Steel Mountain room #Task1 Open website in adress 1010135167 in Virtaul Machine I open page source preview to see name employee of the month: Bill H

This is a cheat sheet on how to use some CVEs for penetration testing. Note: don't be retarded and use this on production environments - especially if you don't have permission or have a backup config in case shit hits the fan.

CVE-Cheat-Sheet This is a cheat sheet on how to use some CVEs for penetration testing Note: don't be retarded and use this on production environments - especially if you don't have permission or have a backup config in case shit hits the fan CVE-2015-1328 Read more What does this CVE do? The overlayfs implementation in the linux (aka Linux kernel) packag

CVE-2014-6287

Rejetto HTTP File Server HFS 23x - Remote Command Execution CVE-2014-6287 Rewrite of Pergyz 49584py to return an x64 PowerShell Reverse Shell Usage $ python3 hfs-2-3-exploitpy Supply variables when prompted, auto starts Netcat for you

CVE-2014-6287 Rejetto HFS 2.3

CVE-2014-6287 Rejetto HFS 23x A python3 script for the CVE-2014-6287 Rejetto HFS RCE exploit in order get a reverse shell Getting Started Executing program With python3 python3 hfspy -t hfssitecom -lhost 127001 -lport 9001 Help For help menu: python3 hfspy -h Disclaimer All the cod

Exploit for the Rejetto HFS 2.3 RCE Vulnerability

Rejetto HttpFileServer 23x RCE Exploit Vulnerability CVE-2014-6287 The findMacroMarker function in parserLibpas in Rejetto HTTP File Server (aka HFS or HTTP Fileserver) 23x before 23c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action, due to a poor regex It won't handle a null byte, allowing an attacker to inject code Reques

Rejetto http File Server 2.3.x (Reverse shell)

Poc exploit(bash script) bashwebm About the exploit You can get reverse shell with sh file (in Linux) You can get reverse shell with py file in (Windows and Linux) (in windows, you need to install netcat) You must specify the url example: targetcom/ using for py: python exploitpy using for sh: chmod +x exploitsh /exploit

a python3 version of the exploit written for CVE-2014-6287. Useful for completing the "Steel Mountain" room on TryHackMe.com without the use of metasploit.

thm_steelmountain_CVE-2014-6287 a python3 version of the exploit written for CVE-2014-6287 Useful for completing the "Steel Mountain" room on TryHackMecom without the use of metasploit

TryHackMe.com's Steel Mountain Room

Steel Mountain Bradley Lubow (rnbochsr) TryHackMecom's Steel Mountain room Recon NMAP Results sudo nmap -Pn -sS -p- -oN nmapinitial -T5 101090201 130 ⨯ Host discovery disabled (-Pn) All addresses will be marked 'up' and scan times will be slower Starting Nmap 791 ( nmaporg ) at 2022-04-16 16:

List of common scripts for exploitation that are working (Easy Access)

Useful-Scripts List of common scripts for CVEs that are working (Easy Access) CVE-2014-6287 HTTP File Server Remote Code Execution githubcom/oplogix/Helpful-Scripts/blob/main/CVE-2014-6287py CVE-2019-9053 CMS Made Simple < 2210 - SQL Injection githubcom/oplogix/CVE-Scripts/blob/main/CVE-2019-9053py PHP-Reverse-Shell php file uploadable to php site

List of common scripts for exploitation that are working (Easy Access)

Useful-Scripts List of common scripts for CVEs that are working (Easy Access) CVE-2014-6287 HTTP File Server Remote Code Execution githubcom/oplogix/Helpful-Scripts/blob/main/CVE-2014-6287py CVE-2019-9053 CMS Made Simple < 2210 - SQL Injection githubcom/oplogix/CVE-Scripts/blob/main/CVE-2019-9053py PHP-Reverse-Shell php file uploadable to php site

Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c

CVE-2014-6287 python3 script Usage: Start a local smb service hosting ncexe Execute exploit script to getshell