Deserialization of Untrusted Data in Liferay Portal before 7.2.1 CE GA2 allows remote malicious users to execute arbitrary code via JSON web services (JSONWS).
Liferay Portal versions prior to 721 CE GA2 exploit that gains code execution due to deserialization of untrusted data sent to the JSON web services interface ...
This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 625 GA6, 706 GA7, 713 GA4, and 721 GA2 to execute code as the Liferay user Tested against 720 GA1 ...
liferay-scanner
Vuln Liferay scanner
Liferay scanner for CVE-2020-7961
About
Code Completely Ripped off from @tomnomnom - he is a hero if you meet him buy him a bevvie!!
if vuln it should add it to liferaylog
Mainly made by tomnomnom and i changed the request to look for liferay
Build
go get -u
CVE-2020-7961-Mass
CVE-2020–7961 Mass exploit for Script Kiddies
Tested on: Kali Linux, Windows,
Requirements:
apt install python3
pip3 install requests colorama
Usage:
python3 rcepy [target url] | For a single target
python3 masspy [list url] | For a list target
Saved file to: linuxtxt, wintxt
Simple Shell:
python shellpy [target]
Dork:
ht
CVE-2020-7961-POC
All the information provided on this site are for educational purposes only The site and authors of the repository is no way responsible for any misuse of the information
Credit goes to @mzer0one
CVE-2020-7961-POC
All the information provided on this site are for educational purposes only The site and authors of the repository is no way responsible for any misuse of the information
Liferay-Deserialize-POC
Edit the content of the LifExpjava file to suit your target os system (egg: for Windows -> cmdexe, for Linux -> /bin/sh)
Ru
Links
An attempt to sort stuff in different categories
Browsers / Browser extensions
githubcom/fransr/postMessage-tracker
Bugbounty
githubcom/EdOverflow/bugbounty-cheatsheet
githubcom/arkadiyt/bounty-targets-data
githubcom/ngalongc/bug-bounty-reference
githubcom/streaak/keyhacks
githubcom/nahamsec/lazys3
Burp
gi
CVE-2020-7961-payloads
Deserialization of Untrusted Data in Liferay Portal prior to 721 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS)
Step 1) Write Your payload in LifExpjava
Step 2) Compile it with javac
Step 3) make your log server (Maybe you want to use "Burp Collaborator Client")
Step 4) Run pocpy
enjoy it ;)
A collection of attempted exploit requests, explained
Inspecting Malicious Requests
I recently stood up a crude web application and my logs were capturing various requests my public IP was attracting I had seen some such requests before but finally decided it warranted a blog post, and you can read more there
Otherwise, I'm posting this in a repository as a point of collaboration if any of my readers want to correct, infor
liferay-scanner
Vuln Liferay scanner
Liferay scanner for CVE-2020-7961
About
Code Completely Ripped off from @tomnomnom - he is a hero if you meet him buy him a bevvie!!
if vuln it should add it to liferaylog
Mainly made by tomnomnom and i changed the request to look for liferay
Build
go get -u