Scanning and Enumeration
Scanning
kali@kali:~/HTB/Optimum$ nmap -sC -sV -p 80 10.10.10.8 -oN optimum
Starting Nmap 7.91 ( https://nmap.org ) at 2020-11-20 19:14 EST
Nmap scan report for 10.10.10.8
Host is up (0.080s latency).
PORT STATE SERVICE VERSION
80/tcp open http HttpFileServer httpd 2.3
|_http-server-header: HFS 2.3
|_http-title: HFS /
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.53 seconds
Enumeration
Researching this vulnerability shows that we will have to do the following:
Configure the exploit to connect to a port on our attack machine
Set up an HTTP server hosting nc.exe
Set up our listener
Run the Python code
This exploit will grab nc.exe from our server (port 80), execute it, and connect it back to our attack machine. Further research of the exploit can be found here:
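Seen from the defender's side, the behaviour described above (a host fetching nc.exe over HTTP and then connecting back to the same remote machine) leaves a pattern that can be correlated in egress logs. The following is an added example, not part of the original write-up; the log format, the addresses other than 10.10.10.8, the ports other than 80, the file-name list and the five-minute window are all assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed correlation window
# Assumed list of netcat binary names to watch for in requested paths
NETCAT_NAME = re.compile(r"/(nc|nc64|ncat)\.exe$", re.IGNORECASE)

# Constructed sample egress log (hypothetical format):
# timestamp src_ip dst_ip dst_port proto detail
SAMPLE_LOG = """\
2020-11-20T19:30:01 10.10.10.8 10.10.14.5 80 http GET /nc.exe
2020-11-20T19:30:03 10.10.10.8 10.10.14.5 4444 tcp SYN
2020-11-20T19:31:10 10.10.10.20 93.184.216.34 80 http GET /index.html
2020-11-20T19:32:00 10.10.10.21 10.10.14.9 80 http GET /tools/NC.EXE
2020-11-20T19:50:00 10.10.10.21 10.10.14.9 9001 tcp SYN
"""

def parse(line):
    """Split one log line into typed fields."""
    ts, src, dst, port, proto, detail = line.split(maxsplit=5)
    return datetime.fromisoformat(ts), src, dst, int(port), proto, detail

def is_netcat_fetch(proto, detail):
    """True for an HTTP GET whose path ends in a netcat binary name."""
    parts = detail.split()
    return (proto == "http" and len(parts) > 1 and parts[0] == "GET"
            and bool(NETCAT_NAME.search(parts[1])))

def find_fetch_then_callback(log_text, window=WINDOW):
    """Flag hosts that download netcat from a remote machine and then
    connect to that same machine on a different port within `window`."""
    fetches = {}  # (src, dst) -> (time, port) of the latest netcat download
    alerts = []
    for line in filter(str.strip, log_text.splitlines()):
        ts, src, dst, port, proto, detail = parse(line)
        if is_netcat_fetch(proto, detail):
            fetches[(src, dst)] = (ts, port)
        elif (src, dst) in fetches:
            fetched_at, fetch_port = fetches[(src, dst)]
            if port != fetch_port and timedelta(0) <= ts - fetched_at <= window:
                alerts.append({"host": src, "remote": dst,
                               "callback_port": port,
                               "delay_s": (ts - fetched_at).total_seconds()})
    return alerts

if __name__ == "__main__":
    for alert in find_fetch_then_callback(SAMPLE_LOG):
        print(alert)
```

On the constructed sample only the first pair is flagged; the second download is followed by a connection 18 minutes later, outside the assumed window.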