JBoss JMX Console Beanshell Deployer WAR Upload and Deployment

This module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer's createScriptDeployment method. This module requires Metasploit: https://metasploit.com/download Current...

JBoss Application Server Remote Exploit

No description provided by source. JBoss AS Remote Exploit by Kingcope use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage print JBoss AS Remote Exploit\nby Kingcope\n\nusage: perl jboss.pl target targetport yourip yourport win/lnx\n; print example: perl daytona.pl...

JBoss 4.2.0 BSHDeployer 代码执行漏洞

JBoss是基于J2EE的开放源代码的应用服务器，其4.2.0版本默认会开启BSHDeployer服务， 当攻击者绕过JMX-console拦截里， 可以利用BSHDeployer服务方便地（将war信息直接写在bsh文件里）部署一个war，从而成功地远程部署了恶意代码。 JBoss 4.2.0...

JBoss JMX - Console Beanshell Deployer WAR Upload and Deployment (Metasploit)

$Id: jbossbshdeployer.rb 11533 2011-01-10 14:34:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2006-3733

jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp...

CVE-2006-3733

jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp...