Comments (7)
I don't think it's OK to make "self-destructing" software (or similar), but I guess AFTER the damage a lot of people would accept that, when it's too late.
The PoC I was given at the time was not working on 2.4, so I was not very worried.
I discovered the other PoC only when it was too late.
Yeah, move to HFS 3, and thank you for the feedback ;-)
A strange point: during the hack on my server, hfs.exe was deleted, maybe by the hacker?
It helped me to react, as I was unable to share files and I didn't pay attention to the logs....
The installer should be removed or modified, to tell users that security is compromised.
@Ptit-Philou Sure, it was also the initial reason that I found this out: #43
I also agree that it might have been the attackers themselves that removed HFS, maybe to prevent other attackers from connecting to the same compromised machine. Thank goodness that they did, otherwise I also wouldn't have found it out!
That's right.
People who didn't disable the automatic check for updates must have got this warning several days ago.
As the front page of this repo says, this project is obsolete and I'm not working on it anymore.
I cannot exclude that you may find a fix in some fork.
My suggestion is to use HFS 3: https://github.com/rejetto/hfs
Thank you for the feedback: updated to HFS 3 :-)
Great job ;-)
@Ptit-Philou Great write-up; I wish I had been notified of this attack sooner. According to @mohemiv, this issue was first reported to @rejetto on 18/08/2023 and the PoC was released on 25/05/2024.
Guess what? I was happily running and using HFS 2 on my servers during these dates! A quick check of the Windows Defender logs (also known as Security Essentials) shows that the 1.exe file, the RR.exe file and the Crash.exe file were all downloaded on these servers, and only some were detected and blocked by Windows Defender.
That nasty Roboform.dll is in fact a malicious keylogger and clipboard monitor that has been collecting ALL secret tokens, passwords, cookies, etc. on the server for the past couple of weeks. Sheesh! 😭
@mohemiv next time please ALSO LET ME KNOW too. (I'm joking of course) but this is really pissing me off! @rejetto Thank you for the great software. It's my bad for not using HFS 3 instead of HFS 2, but I wish you had implemented a self-destruct for HFS 2 instead of the warning message, or at least made the update disable the template processing/search functionality or something like that.
Now let's everyone move on to HFS 3, and R.I.P. to HFS 2.
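The comment above describes finding the dropped files after the fact by reading Windows Defender logs. The script below is an added triage example for a Windows host that ran HFS 2; it is not code from the HFS project or from any participant in this thread. It uses only the indicators the comment names (hfs.exe missing, and the dropped files 1.exe, RR.exe, Crash.exe and Roboform.dll) and only Defender cmdlets, event IDs and file-system cmdlets that ship with Windows. The install directory in $HfsDir and the search roots are assumptions; adjust them to the host. Note that 1.exe is a generic name and will produce false positives, so treat hits from it as leads, not verdicts.

```powershell
# Added triage example for a host that ran HFS 2 (not from the HFS project or the thread's authors).
# Assumptions: $HfsDir is where hfs.exe was installed (hypothetical path); $Roots are where dropped
# files are most likely to land. The indicator names are the ones reported in the comment above and
# are not a complete list; Defender only caught some of them, so an empty result is not a clean bill.

$HfsDir     = 'C:\hfs'                                          # assumption: HFS 2 install directory
$Indicators = @('1.exe', 'RR.exe', 'Crash.exe', 'Roboform.dll')  # file names reported in the thread
$Roots      = @($HfsDir, $env:ProgramData, "$env:SystemDrive\Users")  # assumption: likely drop locations

# 1. The thread reports hfs.exe being deleted during the compromise; its absence is itself a signal.
$HfsExe = Join-Path $HfsDir 'hfs.exe'
if (-not (Test-Path $HfsExe)) {
    Write-Warning "hfs.exe is missing from $HfsDir (consistent with the deletion reported in the thread)"
}

# 2. Defender detection history (Defender PowerShell module). Resources holds the file paths involved.
$Detections = Get-MpThreatDetection -ErrorAction SilentlyContinue |
    Where-Object {
        $res = $_.Resources -join ' '
        $Indicators | Where-Object { $res -like "*$_*" }
    } |
    Select-Object InitialDetectionTime, ThreatID, @{ n = 'Resources'; e = { $_.Resources -join '; ' } }
"`n== Defender detections mentioning the indicators =="
$Detections | Format-Table -AutoSize

# 3. Defender operational log. 1116 = malware detected, 1117 = action taken, 1119 = action failed.
#    1119 entries are the interesting ones: Defender saw the file but could not remove it.
$Events = Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 1116, 1117, 1119
    } |
    Where-Object {
        $msg = $_.Message
        $Indicators | Where-Object { $msg -like "*$_*" }
    } |
    Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }
"`n== Defender operational events mentioning the indicators =="
$Events | Format-Table -AutoSize

# 4. Files Defender did not catch: look for the names on disk and record hashes so they can be
#    submitted for analysis or added to a blocklist.
"`n== Indicator files still on disk =="
Get-ChildItem -Path $Roots -Recurse -Force -Include $Indicators -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Path    = $_.FullName
            Created = $_.CreationTimeUtc
            SHA256  = (Get-FileHash -Algorithm SHA256 -Path $_.FullName).Hash
        }
    } | Format-Table -AutoSize

# 5. A keylogger has to stay resident, so check for anything currently running from those names.
"`n== Running processes with an indicator image name =="
Get-Process -ErrorAction SilentlyContinue |
    Where-Object {
        $p = $_.Path
        $p -and ($Indicators | Where-Object { $p -like "*\$_" })
    } |
    Select-Object Id, ProcessName, Path, StartTime | Format-Table -AutoSize
```

Run it from an elevated PowerShell session so the Defender cmdlets and the event log are readable. Whatever the script finds, the comment's own description of Roboform.dll (a keylogger and clipboard monitor harvesting tokens, passwords and cookies) means the right response is to treat every credential used on that host as exposed and to rebuild the server after upgrading, not just to delete the files it locates.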