CVE-2017-12149

Published: 04/10/2017 Updated: 20/05/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 674
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

In JBoss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict the classes for which it performs deserialization, thus allowing a malicious user to execute arbitrary code via crafted serialized data.

Vulnerable Product

redhat jboss enterprise application platform 5.2.1

redhat jboss enterprise application platform 5.2.2

redhat jboss enterprise application platform 5.0.0

redhat jboss enterprise application platform 5.0.1

redhat jboss enterprise application platform 5.1.2

redhat jboss enterprise application platform 5.2.0

redhat jboss enterprise application platform 5.1.0

redhat jboss enterprise application platform 5.1.1

Vendor Advisories

Synopsis: Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update. Type/Severity: Security Advisory: Critical. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Critical. A Common V ...
Synopsis: Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update. Type/Severity: Security Advisory: Critical. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 5 and Red Hat JBoss Enterprise Application Platform 5 for Red Hat E ...
It was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization. This allows an attacker to execute arbitrary code via crafted serialized data ...

Github Repositories

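Jboss5X/6X deserialization vulnerability reproduction. Vulnerability reproduction. 1) Environment preparation. JBOSS download address: downloadjbossorg/jbossas/61/jboss-as-distribution-610Finalzip EXP download address: githubcom/yunxu1/jboss-_CVE-2017-12149 2) Environment setup. 1. Download the Jboss environment and extract it. Wget downloadjbossorg/jbossas/61/jboss-as-distribution-610Finalzip Uzip downloa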

Lab for Java Deserialization Vulnerabilities. This content is related to the paper written for the 12th edition of H2HC magazine. See full paper in: wwwh2hccombr/revista/ Slides and video of the talk will be available soon. An overview of the basics of native deserialization flaws in Java environments (JVM). An overview of deserialization vulnerabil

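CVE-2017-12149 Many thanks to yunxu1 for the source code. Notes: removed the graphical interface; fixed command execution failures caused by incorrect operating system detection; changed to an interactive shell. Usage: enter the url and press Enter, and whoami is run automatically for both systems; judge from the result which operating system it is; enter the system, linux or windows; then enter the command to execute.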

CVE-2017-12149 jboss deserialization, with command output echoed back

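jboss-_CVE-2017-12149 verify_CVE-2017-12149jar verifies the vulnerability in command-line mode; if the vulnerability exists, a signature string is returned. Just run the command: $ java -jar verify_CVE-2017-12149jar xxx:8080 # returned on success: vuln6581362514513155613jboss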

CVE-2017-10271 Usage: CVE-2017-12149py targetip:port/ WEBLOGIC RCE Work with windows only, you could edit code a bit for linux

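A simple tool for detecting jboss vulnerabilities. Probes the paths of the jboss family of vulnerabilities in batch, improving efficiency, especially in internal-network penetration testing. (This tool only probes the paths where the vulnerabilities reside; whether a vulnerability actually exists still has to be verified with the corresponding exp.) Introduction: CVE-2015-7501, JBoss JMXInvokerServlet deserialization vulnerability. This vulnerability exists at the /invoker/JMXInvokerServlet path in JBoss. If accessing it prompts a download of JMXInvokerServlet, then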

JBoss vulnerability scanning tool

#JBoss POC Includes scanning for vulnerabilities such as CVE-2015-7501, CVE-2017-7504 and CVE-2017-12149; the results are saved to a txt file. Usage: python3 jbosspy -h

JBoss CVE-2017-12149 (Insecure Deserialization - RCE) Exploitation Lab.

JBoss Insecure Deserialization to RCE via CVE-2017-12149 JBoss Insecure Deserialization - RCE Exploitation Lab The idea here is to setup a lab with an old JBoss version (<70) in order to exploit the vulnerability We can use Docker to facilitate all the process For this, we're gonna need an Oracle JDK rpm package, that's because JBoss 600 final works with

CVE-2017-12149 JBOSS RCE (TESTED)

CVE-2017-12149 Coded by 1337g Usage: CVE-2017-12149py targetip:port/ JBOSS RCE I have no idea why it does not work with https

(CVE-2015-7501) JBoss JMXInvokerServlet deserialization vulnerability

Jboss Java Deserialization RCE (CVE-2017-12149)

CVE-2017-12149 Jboss Java Deserialization RCE (CVE-2017-12149). The python script uses ysoserial to dynamically generate the payload. Therefore java is required as well.

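Software combining vulnerability detection, attack, Session handling, honeypot identification and other functions, built on the go-micro microservice framework and exposing a unified HTTP API gateway interface service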

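gofor Software combining vulnerability detection, attack, Session handling, honeypot identification and other functions, built on the go-micro microservice framework and exposing a unified HTTP API gateway interface service. HTTP API Gateway /api-srv Service Install(Optional) Exploit /srv-exploit Webshell /srv-webshell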

CVE-2017-10271 WEBLOGIC RCE (TESTED)

CVE-2017-17215 HuaWei Router RCE (NOT TESTED)

CVE-2017-17215 Usage: CVE-2017-12149py targetip:37215/ I am so poor that can't afford to buy a HUAWEI router XD so it is not tested on any machine~ but the exp technically should be working I found this report blognewskysecuritycom/huawei-router-exploit-involved-in-satori-and-brickerbot-given-away-for-free-on-christmas-by-ac52fe5e4516 the payload was released 2

Scans whether common jboss vulnerability paths exist.

CVE-2017-12149 JBOSS as 6.X deserialization (reverse shell version)

CVE-2017-12149 CVE-2017-12149 JBOSS as 6X deserialization (reverse shell version). GUI rewritten from the author's command-line mode. detail:wwwcnblogscom/sevck/p/7874438html

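Notes: Please add the web path scan directories to the db directory; this project uses dirsearch's scan directories. dirsearch. About subdomain brute-forcing: specify the file path. es settings: es mainly consists of two indexes, info and vuls, which record info and vuls respectively. info: code_name, name, attribute, description, example, status. site, url, str, the main site. ip, implemented. port, port, str, the main site's corresponding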

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
