# Exploit Title: Arbitrary Code Execution in Openfiler
# Exploit author: Dolev Farhi @f1nhack
# Date 07/05/2014
# Vendor homepage: http://www.openfiler.com
# Affected Software version: 2.99.1
# Alerted vendor: 7.5.14
Software Description
=====================
Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based
Storage Area Networking functionality in a single cohesive framework.
Vulnerability Description
=========================
Arbitrary code execution
Steps to reproduce / PoC:
=========================
1.1. Login to Openfiler dashboard.
1.2. Under system tab -> Hostname
1.3. Enter any shell command you desire using the backticks ` `
e.g. `cat /etc/passwd`
1.4. the code reflects in the hostname value space
<-> PoC Video: https://www.youtube.com/watch?v=NzjB9U_0yLE&feature=youtu.be
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
# Exploit author: Dolev Farhi @f1nhack
# Date 07/05/2014
# Vendor homepage: http://www.openfiler.com
# Affected Software version: 2.99.1
# Alerted vendor: 7.5.14
Software Description
=====================
Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based
Storage Area Networking functionality in a single cohesive framework.
Vulnerability Description
=========================
Arbitrary code execution
Steps to reproduce / PoC:
=========================
1.1. Login to Openfiler dashboard.
1.2. Under system tab -> Hostname
1.3. Enter any shell command you desire using the backticks ` `
e.g. `cat /etc/passwd`
1.4. the code reflects in the hostname value space
<-> PoC Video: https://www.youtube.com/watch?v=NzjB9U_0yLE&feature=youtu.be
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information