intitle:"HFS" AND intext:"httpfileserver 2.3" AND -intext:"remote"

  • 日期:2022-06-16
  • 类别:
  • 作者:Alexander Ahmann
  • 语法:intitle:"HFS" AND intext:"httpfileserver 2.3" AND -intext:"remote"

  • # Dork: intitle:"HFS" AND intext:"httpfileserver 2.3" AND
    -intext:"remote"
    # Author: Alexander Ahmann
    # Email: hackermaneia@riseup.net
    # Date: 11 March, 2022
    # Category: Vulnerable Servers

    Thapa (2016) devised an exploit targeting version 2.3 of Rejetto.com
    (n.d.)'s "HTTP File Server." Thapa included the Google dork
    'intext:"httpfileserver 2.3"' as a means to find webservers on the
    internet running the vulnerable service. However, there is a limitation
    with this dork, as it instructs Google's search engine to list websites
    which includes web pages with the text "httpfileserver 2.3" in it. This
    will cause Google search to report security bulletins discussing the
    vulnerability.

    To mitigate this problem, I present a slight modification of Thapa's
    Google dork to "filter out" said security bulletins: 'intitle:"HFS" AND
    intext:"httpfileserver 2.3" AND -intext:"remote"' (without single
    quotes, with double quotes). Elaborating on the components of my
    modified Google dork:

    1. 'intitle:"HFS"' will report web pages with the string "HFS" in the
    metatag. This is a feature that I have identified unique to
    Rejetto.com (n.d.)'s HTTP File Server.
    2. 'intext:"httpfileserver 2.3"' will report web pages with the string
    "httpfileserver 2.3" in its body. This is a feature that Thapa (2016)
    identified in Rejetto.com (n.d.)'s HTTP File Server.
    3. '-intext:"remote"' will "filter out" web pages with the string
    "remote" in its body. I have identified this string as a feature of
    security bulletins reporting on the Rejetto.com (n.d.)'s HTTP File
    Server vulnerability.

    The "AND" boolean operator is used to narrow down the search results and
    decrease the rate of false positives.

    References
    ----------
    Rejetto.com (n.d.). HFS ~ HTTP File Server. Retrieved on Mar. 11, 2022
    from: http://rejetto.com/hfs/

    Thapa, A. K. (2016). Rejetto HTTP File Server (HFS) 2.3.x - Remote
    Command Execution (2). Exploit Database. Retrieved on Mar. 11, 2022
    from: https://www.exploit-db.com/exploits/39161