mailing list archives
Re: JBoss Application Server Exploit Modules
From: Patrick Hof <patrick.hof () redteam-pentesting de>
Date: Mon, 28 Jun 2010 22:36:47 +0200
Giorgio Casali <giorgio.casali () gmail com> wrote:
Hi Patrick thanks for your work.
I had just the need to use your module 3 days ago but it unfortunately failed.
I have described the reasons in my blog:
I hope your new changes to the module will allow you to exploit the
JBoss AS even when the conditions are not so standard.
you're right in what you write in your blog post, it can be necessary sometimes
to do some additional work until the JBoss exploits work, like in your case
adding the path to the DeploymentScanner. Unfortunately, adding all these little
"non-standard" things is quite difficult to achieve for a generic exploit
module. Normally, if you find a JBoss AS with an open JMX Console, it is in it's
default configuration, so I guess most of the time the module should work as
I think this shows that as a Pentester, you can't just rely on some tool. As you
demonstrate in your blog post, it's necessary to really understand the details
of an exploit so you can adapt it where needed. I hope the papers helped in
gaining that knowledge.
RedTeam Pentesting GmbH Tel.: +49 241 963-1300
Dennewartstr. 25-27 Fax : +49 241 963-1304
52068 Aachen http://www.redteam-pentesting.de/
Germany Registergericht: Aachen HRB 14004
Geschäftsführer: Patrick Hof, Jens Liebchen, Claus R. F. Overbeck