Unauthenticated RCE in Rejetto HTTP File Server via Template Injection
CVE-2024-23692 is a critical template injection vulnerability in Rejetto HTTP File Server (HFS) affecting versions up to and including 2.3m; some reporting also lists 2.4.0 RC7 as affected. The flaw stems from improper neutralization of special elements used in the HFS template engine: attacker-controlled input delivered in a specially crafted HTTP request reaches the template engine and is interpreted as template macros rather than as data. Successful exploitation enables a remote, unauthenticated attacker to execute arbitrary commands on the underlying host with the privileges of the HFS process. No user interaction is required. Public reporting indicates proof-of-concept exploit code is available and that the vulnerability has been exploited in the wild.
Exploits
8 exploit repositories listed after filtering out fakes, detection-only scripts, and README-only repos.
This repository contains a Python proof-of-concept exploit for CVE-2024-23692, which targets a Server-Side Template Injection (SSTI) vulnerability in a web application. The main script, 'CVE-2024-23692.py', reads a list of target URLs from 'xxx.txt', then sends specially crafted HTTP GET requests to each URL, attempting to execute the 'ipconfig /all' command on the server. If the response contains multiple 'RESULT' markers, the script considers the target vulnerable and logs the URL to 'vul_url'. The exploit uses multithreading for efficiency and routes every request through a hard-coded local proxy at 127.0.0.1:7890, so it fails unless a proxy is listening there. The README provides a sample HTTP request and describes the expected output. The README does not name the product, but the payload is specific to CVE-2024-23692.
This repository provides a proof-of-concept (POC) exploit for CVE-2024-23692, a command execution vulnerability in Rejetto HFS (HTTP File Server) version 2.3 and below. The main exploit is implemented in 'poc.py', a Python script that takes a target URL and a command as arguments. It crafts a GET request to the HFS server, injecting a base64-encoded PowerShell command via the 'cmd' parameter in the URL. The script uses unique markers to extract and display the output of the executed command from the server's response. The exploit requires the target to be running a vulnerable version of HFS and accessible over the network. The repository also includes a README with a brief description and a .gitignore file. No hardcoded IPs or domains are present; the target URL is supplied by the user at runtime.
This repository contains a Python exploit script (exploit.py) targeting the Rejetto HTTP File Server (HFS) template injection vulnerability (CVE-2024-23692). The exploit allows remote, unauthenticated attackers to execute arbitrary system commands on vulnerable HFS servers (version 2.3m and earlier) by sending a specially crafted HTTP GET request. The script supports both single and batch exploitation modes, accepts a custom command to execute (defaulting to 'whoami'), and can save successful results to a file. The main attack vector is network-based, leveraging HTTP(S) requests to the target server. The repository also includes a README with detailed usage instructions and a LICENSE file. The exploit is operational, providing real command execution on the target, and is intended for authorized security testing and research.
This repository is a Go-based exploit for CVE-2024-23692, targeting Rejetto HTTP File Server (HFS) versions <= 2.3 on Windows. The exploit leverages a template injection vulnerability in HFS to achieve unauthenticated remote command execution. The main entry point is 'hfs.go', which provides a CLI interface for detection, command execution, and DNSLOG-based out-of-band verification. The exploit constructs a specially crafted GET request to the target HFS server, injecting a payload that triggers the '.exec' template to run arbitrary system commands. The output is parsed and displayed to the user. For detection in environments where direct output is not possible, the tool supports DNSLOG verification using ceye.io or a custom DNSLOG service, configurable via 'config/config.ini'. The codebase is modular, with separate packages for configuration, DNSLOG interaction, HTTP client handling (including proxy support), and argument parsing. The exploit is operational, providing both detection and exploitation capabilities, and is not part of a larger framework.
This repository provides an exploit and detection template for CVE-2024-23692, a critical remote code execution vulnerability in Rejetto HTTP File Server (HFS). The repository contains three files: a Bash exploit script (CVE-2024-23692.sh), a Nuclei detection template (CVE-2024-23692.yaml), and a README.md with usage instructions. The Bash script takes a target URL and a command, crafts a malicious HTTP GET request exploiting template injection in HFS, and executes arbitrary commands on the target using PowerShell, returning the output. The Nuclei template is designed for automated detection, sending a similar payload and checking for DNS interactions and response content. The exploit is operational, providing real command execution on vulnerable targets, and is suitable for both manual and automated exploitation or detection.
This repository provides exploit and detection scripts for CVE-2024-23692, a critical unauthenticated remote code execution (RCE) vulnerability in Rejetto HTTP File Server (HFS) version 2.3m. The repository contains three files: a README.md with usage instructions and vulnerability details, 'exploit.py' (the main exploit script), and 'detect.py' (a detection script). Both Python scripts construct a specially crafted HTTP GET request targeting the vulnerable HFS server. The exploit script allows the user to specify a target IP, port, and arbitrary command to execute on the server, leveraging the '.exec' template feature in HFS to achieve code execution. The detection script uses 'calc' as its check command; on a Windows target this launches calc.exe, a low-impact but still visible process spawn on the server. The exploit is unauthenticated and works over the network, requiring only that the target HFS instance is accessible. No hardcoded IPs or domains are present; the scripts are generic and require user-supplied targets.
This repository provides a proof-of-concept (POC) exploit for CVE-2024-23692, a critical unauthenticated remote code execution vulnerability in Rejetto HTTP File Server (HFS) version 2.3m. The main exploit is implemented as a Bash script (CVE-2024-23692.sh) that takes a target URL and a command to execute. The script crafts a malicious HTTP GET request, injecting a base64-encoded PowerShell command via the vulnerable endpoint. If the target is vulnerable, the command is executed on the server, and the output is returned to the attacker. The repository includes a README with usage instructions and context about the vulnerability, and a LICENSE file. The exploit is straightforward, does not require authentication, and targets Windows systems running HFS 2.3m. No hardcoded IPs or domains are present; the user supplies the target URL. The attack vector is network-based, exploiting the HTTP interface of the HFS server.
This repository provides a Bash exploit script (CVE-2024-23692.sh) targeting the Rejetto HFS (HTTP File Server) vulnerability CVE-2024-23692, a server-side template injection (SSTI) flaw that allows remote code execution. The script takes three arguments: the target server's IP address, port, and a command to execute. It crafts a malicious HTTP GET request exploiting the SSTI vulnerability, sending it to the target using netcat. The README.md explains the vulnerability, its impact, usage instructions (including how to obtain a reverse shell using msfvenom), and mitigation steps. The exploit is operational, allowing arbitrary command execution or reverse shell access on vulnerable HFS servers. The repository is simple, containing the exploit script, a README, and an image directory.
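The description at the top of this page and the exploit summaries above agree on the shape of an attack: a single unauthenticated GET whose query string carries HFS template-macro syntax invoking the '.exec' macro, often with the command (sometimes base64-encoded PowerShell) in a 'cmd' parameter. What a defender can act on is that shape in web-server logs. The script below is added here as a worked example; it is not code from the page or from any of the repositories listed above. It assumes Combined Log Format input, assumes 'search' is the parameter carrying the macro (the page does not say which parameter the repositories use), and assumes PowerShell's -EncodedCommand convention (base64 of UTF-16LE text) for decoding encoded commands. All log lines are constructed for the example.

```python
"""
Added example (not from the page or any listed repository): triage HTTP access-log
lines for requests shaped like CVE-2024-23692 payloads, i.e. HFS template-macro
syntax ("{.name|arg.}") invoking the exec macro, and decode a base64 PowerShell
command carried in a 'cmd' parameter. Assumptions: Combined Log Format, 'search'
as the macro-carrying parameter, PowerShell -EncodedCommand (UTF-16LE base64).
"""
import base64
import re
from urllib.parse import parse_qs, quote, unquote, urlsplit

# Combined Log Format: ip ident user [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# HFS macro syntax is {.name|arg|...}; the exec macro runs a system command.
MACRO_EXEC_RE = re.compile(r'\{\.\s*exec\b', re.IGNORECASE)
# PowerShell accepts -e / -ec / -enc / -EncodedCommand followed by base64 of UTF-16LE text.
PS_ENC_RE = re.compile(r'(?i)-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]{8,})')


def decode_fully(s: str, rounds: int = 3) -> str:
    """URL-decode repeatedly (bounded) so double-encoded payloads still match."""
    for _ in range(rounds):
        dec = unquote(s)
        if dec == s:
            break
        s = dec
    return s


def decode_powershell_b64(value: str):
    """Return the plaintext behind a PowerShell -EncodedCommand argument, or None."""
    m = PS_ENC_RE.search(value)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16le")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None


def triage(line: str):
    """Return a finding dict for a suspicious request line; None for benign or unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    query = decode_fully(parts.query)
    findings = []
    if MACRO_EXEC_RE.search(query):
        findings.append("hfs_exec_macro")      # exec macro present in the request
    elif "{." in query:
        findings.append("hfs_macro_syntax")    # macro delimiters without exec: still review
    for value in parse_qs(parts.query, keep_blank_values=True).get("cmd", []):
        ps = decode_powershell_b64(decode_fully(value))
        if ps is not None:
            findings.append("powershell_encoded:" + ps)
    if not findings:
        return None
    return {
        "ip": m.group("ip"),
        "ts": m.group("ts"),
        "status": int(m.group("status")),
        "severity": "high" if "hfs_exec_macro" in findings else "medium",
        "findings": findings,
    }


def scan(lines):
    """Run triage over an iterable of log lines and return only the flagged records."""
    return [r for r in (triage(l) for l in lines) if r is not None]


# --- constructed sample log (not real traffic) ---
_B64_WHOAMI = base64.b64encode("whoami".encode("utf-16le")).decode()  # dwBoAG8AYQBtAGkA
_MACRO = quote("{.exec|{.?cmd.}.}", safe="")  # exec macro reading the cmd parameter (assumed form)
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Jun/2024:08:01:02 +0000] "GET /?search=quarterly%20report HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [10/Jun/2024:08:01:09 +0000] "GET /docs/readme.txt HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Jun/2024:08:03:41 +0000] "GET /?cmd=whoami&search=' + _MACRO
    + ' HTTP/1.1" 200 2044 "-" "python-requests/2.31"',
    '198.51.100.23 - - [10/Jun/2024:08:03:55 +0000] "GET /?cmd='
    + quote("powershell -enc " + _B64_WHOAMI, safe="") + '&search=' + _MACRO
    + ' HTTP/1.1" 200 2101 "-" "curl/8.4.0"',
]

if __name__ == "__main__":
    for rec in scan(SAMPLE_LOG):
        print(rec)
```

The match is made on the fully URL-decoded query rather than the raw line because a single pass of decoding is exactly what naive pattern rules miss when the attacker double-encodes; bounding the decode loop keeps it from being abused as a CPU sink. Anything flagged with the exec macro should be treated as a confirmed attempt, and a 200 response from an HFS 2.x host is a reason to move straight to the assume-compromise steps rather than to wait for a second indicator.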
Recent activity
7 sources tracked across advisories, community write-ups, and news.
A remote code execution vulnerability in Rejetto HTTP File Server (HFS) that can be exploited without authentication, allowing attackers to execute arbitrary code on the server.
A critical template injection vulnerability in Rejetto HTTP File Server that allows remote unauthenticated arbitrary command execution via a crafted HTTP request.
A remote code execution (RCE) vulnerability in HTTP File Server (HFS) that allows an attacker to send crafted packets/requests containing commands and cause the HFS server to execute malicious commands remotely.
A critical template injection vulnerability in Rejetto HTTP File Server (HFS) up to and including version 2.3m allows remote, unauthenticated attackers to execute arbitrary commands on the host system via crafted HTTP requests. The vulnerability is highly severe (CVSS 9.8), requires no authentication or user interaction, and is not patched by the vendor.