Jump to content
rukov

JexBoss

By rukov, in Programe utile

Recommended Posts

rukov Newbie

rukov

Posted
Posted

JexBoss - Jboss verify and EXploitation Tool

JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server.

Requirements

Python <= 2.7.x

Installation

To install the latest version of JexBoss, please use the following commands:

git clone https://github.com/joaomatosf/jexboss.git

cd jexboss

python jexboss.py

Features

The tool and exploits were developed and tested for versions 3, 4, 5 and 6 of the JBoss Application Server.

The exploitation vectors are:

/jmx-console

tested and working in JBoss versions 4, 5 and 6

/web-console/Invoker

tested and working in JBoss versions 4

/invoker/JMXInvokerServlet

tested and working in JBoss versions 4 and 5

Usage example

Check the file "demo.png"

$ git clone https://github.com/joaomatosf/jexboss.git

$ cd jexboss

$ python jexboss.py https://site-teste.com

** Checking Host: https://site-teste.com **

* Checking web-console: [ OK ]

* Checking jmx-console: [ VULNERABLE ]

* Checking JMXInvokerServlet: [ VULNERABLE ]

Download https://github.com/joaomatosf/jexboss

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...