HFS 2 Deleted itself? #43
Comments
|
i did nothing like that, just a warning message. |
|
There is no logs that indicated it deleted HFS but I'm seeing a lot of other logs that contain malicious activity from a week ago 🤦♂️ It is certainly similar to the type of logs that I have seen before in HFS itself when an attacker tries to execute code on the machine. @rejetto I'm definitely very thankful for developing this piece of super useful software that I've been using for the past decade, but I can't believe it have had RCE vulnerability for so long.... |
|
it's very common for software to have vulnerabilities. |
|
you know about hfs 3? |
|
Last time I checked it, it was 2021, I know you have been working on it and I thank you, but since it didn't have GUI at the time, I didn't really use it, sorry! I'll make sure to only use HFS 3 from now on! |
|
@rejetto I just tried v3 and WOW! I must say, you've certainly come a long way from Delphi/Pascal to this gorgeous Web-based panel, and with so many great features! The additional package size is certainly worth it. And it supports Linux/macOS as well? Way to go! I hope the system integrations comes soon, also check packages like this to integrate native notifications: I hope the HFS icon can also be added to the Thank you @rejetto for all great memories from 2012-2024 that I used this software. Now's the time for RCE-free HFS 3! I hope I can also have some time to join in the development, if it uses a frontend stack that I know of. I'll have to browse the code when I have some free time. For now, HFS 3 certainly works for my purposes! |
|
the big binary size is ~90% just node-js embedded in it, to not ask people to have node already installed.
it's interesting, but it's quite big in size and i'm not sure what kind of notifications hfs is supposed to show when the web is closed. Also, i'm trying to avoid native packages at the moment, as they are complicating my building process.
i'm not sure if/how i can customize the exe icon. I'm generting binaries using "pkg", that doesn't offer such option and has been abandoned recently. I expect within a year to have to change tool, but i'm not on this now. |
You're quite right, I was actually thinking more of releasing a plugin package that would make use of that. In fact, all features like this need to be a plugin since HFS 3 supports this so well. Regarding the use case, it is used to deliver important notifications to the user, and also it can be used to notify of updates, etc. Additionally, I'll be very interested in a plugin that would display the progress of file download in the tray bar, like how HFS 2 (R.I.P) used to do.
I see, I can understand why I did some research and while This can also be used to attach version information and company info to the resulting Are you fine with me submitting PRs that would address the icon issue? I would be very happy to contribute to other areas as well. I'm a bit busy now but I would love to code for the admin page as well, I believe it can improve in many areas. What stack are you using for JS/CSS/components? It isn't vanilla JS, right? Please commit a Lastly please also consider a plugin or something that would utilize electron. All modern apps use something like this and one important use case for it in my opinion is the drag & drop functionality that it provides similar to HFS 2. I also believe the icon/tray/... other areas can also be addressed with this too, however I can predict how users will react when seeing its ~90mb size 😆 In any case, the era of 2-5MB exe files is over in my opinion. We must all embrace the new era of cool web-based apps. I use things like Balena Etcher, VS Code, Discord, etc. Instead of Win32 Disk Imager, Notepad++, TeamSpeak now. I also use Postman, Insomnia, and other apps that use Web technologies. I welcome and embrace HFS' transition from a Delphi app to a full-fledged and well-made app that would be used to serve HTTP files 👍🏻 Thanks for the development! |
|
It's best to move this to HFS 3 repo, I'm super busy with some other projects right now but I'm super excited to be able to code for HFS 3 and be of help! 😄 |
|
ok, so i'll wait you to move your message to hfs 3 discussions, so we can continue there |
|
@rejetto Sure, moved it here: |
Hi there @rejetto, I have had HFS 2.3.x and 2.4.x running on two of my servers. Today I wanted to share some files, so I tried to open it from the tray bar, however, it seems that the
.exefile is gone on both servers!Is this something intentional (maybe you added it because of the recent RCE exploit)? Or is it something that I need to be concerned about, maybe the servers are infected? 😲
I would appreciate some clarification!
The text was updated successfully, but these errors were encountered: