Nytro Posted January 19, 2013

Java MBeanInstantiator.findClass 0Day Analysis
January, 2013
Esteban Guillardoy

Table of Contents
Introduction
MBeanInstantiator.findClass vulnerability
Affected Versions
Recursive Reflection Vulnerability (technique?)
Exploitation Technique
References

Introduction

Another Java 0day! On one hand, this is exciting because it affects a lot of people and is therefore important. But there have been many instances of Java vulnerabilities coming out – and if someone does not have Java disabled by now, they are probably already infected. It's worth noting that unlike some Java vulnerabilities in the past, this one was first discovered when it was included in “commercial” malware packages, which were then linked to by ad-farms on legitimate sites, and used in mass malware installation campaigns.

So even if your organization is quite far ahead when it comes to disabling or limiting Java on your workstations, the particulars of the exploit are interesting because they may give hints as to how future Java (or .Net or Flash or other VMs with sandboxes) will suffer in the future.

This is also the reason why we include an entire day of Java Sandbox Analysis in the upcoming INFILTRATE Master Class in April here in Miami Beach. It teaches you how to think about these problems, and nothing makes a better case study than an 0day.

Once again the exploit is using 2 vulnerabilities together with an exploitation technique in order to fully exploit a target. We will analyze both below.

Download:
https://partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf