CVE-2014-6287

This exploit targets a remote command execution vulnerability in HttpFileServer 2.3.x by leveraging a search query injection to execute arbitrary commands. It downloads and executes a netcat binary to establish a reverse shell.

This Metasploit module exploits a remote command execution vulnerability in Rejetto HttpFileServer (HFS) by bypassing a poor regex filter using '%00' to inject malicious scripting commands. It delivers a VBS payload via HTTP and executes it on the target system.

This exploit leverages a regex bypass in HttpFileServer 2.3.x via a null byte injection, allowing remote command execution through the `{.exec|cmd.}` macro. The vulnerability arises from improper handling of null bytes in the `ParserLib.pas` regex pattern.

This exploit leverages a remote command execution vulnerability in Rejetto HttpFileServer 2.3.x by injecting a malicious search parameter. The payload is executed via the `exec` function in the HFS template engine.

This is a functional exploit for CVE-2014-6287, targeting Rejetto HTTP File Server (HFS) 2.3.x. It leverages a remote command execution vulnerability by crafting a malicious search query to execute a PowerShell reverse shell payload.

This Python script exploits CVE-2014-6287 in Rejetto HFS 2.3.x by sending a crafted HTTP request with a PowerShell reverse shell payload. It uses threading to simultaneously trigger the exploit and start a netcat listener for the reverse shell.

This is a Python 3 exploit for CVE-2014-6287, targeting HttpFileServer 2.3.x. It leverages a remote command execution vulnerability by crafting malicious search queries to download and execute a reverse shell payload.

This repository provides a detailed technical walkthrough of exploiting CVE-2014-6287 in Rejetto HTTP File Server 2.3, including reconnaissance, vulnerability identification, and privilege escalation steps using Metasploit and WinPEAS.

This PoC exploits CVE-2014-6287, a remote code execution vulnerability in Rejetto HTTP File Server (HFS) via macro injection. It sends a crafted HTTP request with a PowerShell reverse shell payload encoded in Base64 to the target.

This is a Python 3 rewrite of the CVE-2014-6287 exploit targeting Rejetto HTTP File Server (HFS) v2.3.x, enabling remote command execution via VBScript payloads and a reverse shell using nc.exe.

This is a Rust-based exploit for CVE-2014-6287, targeting Rejetto HTTP File Server (HFS) versions 2.3x before 2.3c. It leverages a null byte injection in the search function to execute arbitrary PowerShell commands, resulting in a reverse shell.

This exploit targets CVE-2014-6287 in Rejetto HTTP File Server 2.3.x, leveraging a remote command execution vulnerability via crafted search parameters. It delivers a VBScript payload to download and execute a reverse shell using Netcat.

This repository contains a functional Python exploit for CVE-2014-6287, targeting Rejetto HttpFileServer 2.3.x. The exploit abuses the search functionality to inject a crafted payload, enabling remote command execution via a GET request with a malformed search parameter.

This is a functional Python exploit for CVE-2014-6287, targeting Rejetto HttpFileServer 2.3.x. It leverages a command injection vulnerability in the search functionality to execute arbitrary commands on the target system.

This is a Python-based exploit for CVE-2014-6287, targeting HTTP File Server (HFS) 2.3.x. It executes arbitrary PowerShell commands via a reverse shell by leveraging a command injection vulnerability in the search parameter.

This repository contains a functional Python exploit for CVE-2014-6287, a blind remote command execution vulnerability in Rejetto HTTP File Server (HFS) 2.3.x. The exploit crafts a malicious HTTP request with a payload embedded in the 'search' parameter to execute arbitrary commands on the target system.

This is a Python3 exploit for CVE-2014-6287, targeting HttpFileServer 2.3.x. It leverages a remote command execution vulnerability by sending crafted HTTP requests to download and execute a reverse shell payload via SMB.

This repository contains a functional exploit for CVE-2014-6287, targeting Rejetto HTTP File Server 2.3.x. The exploit leverages a command injection vulnerability via the search parameter to execute a PowerShell reverse shell payload, with both Python and Bash scripts provided for execution.

This exploit targets CVE-2014-6287 in HttpFileServer 2.3.x, leveraging a remote command execution vulnerability via crafted search parameters. It downloads and executes a reverse shell payload (nc.exe) on the target system.

This repository contains a writeup and a Python-based exploit for CVE-2014-6287, a remote code execution vulnerability in Rejetto HTTP File Server (HFS) 2.3. The exploit leverages a null-byte injection in the search parameter to execute arbitrary commands.

This Metasploit module exploits a remote command execution vulnerability in Rejetto HttpFileServer (HFS) by bypassing a poor regex filter using '%00'. It leverages HFS scripting commands to save and execute a malicious VBScript payload, achieving RCE on vulnerable versions (≤ 2.3).