Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Checking for jboss authentication bypass
From: Martin Holst Swende <martin () swende se>
Date: Tue, 06 Dec 2011 13:06:33 +0100

DOH!
http://nmap.org/nsedoc/scripts/http-method-tamper.html

I had a vague recollection that this was already done, but looking
through the 'vuln'
category I couldn't find it (also, the name is a bit vague).

/M

On 12/06/2011 12:46 PM, Martin Holst Swende wrote:
Hi list,

I threw together a script to check if a server is vulnerable to jboss
authentication bypass. It makes
a get request to /jmx-console first to see if it is a jboss and whether
it requires authentication. If  it is and does,
it tries a head-request. A http 500 response means it is vulnerable.

As I wrote it, I copy-pasted a bit from other http-scripts. I was
wondering; is this the correct way to do it
if I want it to be able to work also against http or http-alt tunneled
over https ?

Regards,
Martin Holst Swende


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault