Comments (7)
Hello Friend,
This is the JSP shell that is deployed within the JBoss server successfully exploited via JexBoss, and the http://webshell.jexboss.net/ address must be the official tool site (at the time, I'm just migrating the release notes file for he).
Currently there are 5 different exploits that help improve the effectiveness of JexBoss. They deploy the SAME JSP code within the vulnerable server (if you have permission).
As you can see, the code is available both within the Python script and hosted on http://joaomatosf.com/rnp/jexws.war. In the specific case of your figure, the code is using URL encoding; otherwise the exploit does not work. In the exploit for the "invoker" vector, in turn, the same code is in hexadecimal, why it is a holding which sends binary payload.
If you download the http://joaomatosf.com/rnp/jexws.war file and unpack it with unzip, inside is the same JSP shell that appears in his image, but without using URL encoding.
The addresses "http://webshell.jexboss.net" and "http://webshell.jexboss.com" will be used to host the JexBoss webshells and the changelog file (instead of the address http://joaomatosf.com/rnp/, which is an old abandoned blog).
Currently the JSP shell that JexBoss deploys within your vulnerable server seeks the changelog file hosted on http://webshell.jexboss.net but does not warn the user when updates are available yet (I'm currently implementing it).
In future releases, when the JSP shell is accessed, it must inform you whenever there are updates itself, similar to what happens when you run the Python script jexboss.py. At the time, it just checks the version control file (changelog), which you can view here: http://webshell.jexboss.net/.
Thank you for your question and I am available for any questions.
from jexboss.
Thanks for a long reply. I finished reading it and I hold on to my opinion: it's a backdoor to show u those victims' IP
from jexboss.
Hello Friend,
I understand your opinion.
This Webshell update check is important to keep the webshells always up to date and thus avoid problems (eg, blocking by Intrusion Detection Systems IPS, etc.), but I assure you that I do not store access information.
In respect of your opinion, I'll add today an option "--disable-updates" that will instruct the JSP Webshell not to do the checking for updates, okay?
from jexboss.
yeah, it's a possible solution.
Anyway, thanks a lot for sharing your Python code.
from jexboss.
Watching from the sidelines......
from jexboss.
In a few hours I will be releasing a version with --disable-check-updates option, among others that follow below:
    optional arguments:
      -h, --help            show this help message and exit
      --version             show program's version number and exit
      --auto-exploit, -A    Send exploit code automatically (USE ONLY IF YOU HAVE
                            PERMISSION!!!)
      --disable-check-updates, -D
                            Disable the check for updates performed by JSP
                            Webshell at:
                            http://webshell.jexboss.net/jsp_version.txt
      -mode {auto-scan,file-scan,standalone}
                            Operation mode

    Standalone mode:
      -host HOST            Host address to be checked

    Auto scan mode:
      -network NETWORK      Network to be checked in CIDR format (eg. 10.0.0.0/8)
      -ports PORTS          List of ports separated by commas to be checked for
                            each host (eg. 8080,8443,8888,80,443)
      -results FILENAME     File name to store the auto scan results

    File scan mode:
      -file FILENAME_HOSTS  Filename with host list to be scanned (one host per
                            line)
      -out FILENAME_RESULTS
                            File name to store the file scan results
from jexboss.
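
For defenders: the update check discussed in this thread is an outbound request from the server running the webshell, so it can be hunted in egress proxy logs. The following is an added example, not part of the thread or of JexBoss; the log format and the sample lines are constructed, and the hosts and paths are the ones named in the comments above.

```python
from urllib.parse import urlsplit

# Hosts and paths named in the thread above.
WEBSHELL_HOSTS = {"webshell.jexboss.net", "webshell.jexboss.com"}
LEGACY_HOST, LEGACY_PREFIX = "joaomatosf.com", "/rnp/"
VERSION_PATH = "/jsp_version.txt"

# Constructed sample log (assumed format: time, client IP, method, target, status).
SAMPLE_LOG = """\
2016-03-01T10:00:01Z 10.0.5.21 GET http://webshell.jexboss.net/jsp_version.txt 200
2016-03-01T10:00:07Z 10.0.5.40 GET http://example.org/index.html 200
2016-03-01T10:02:13Z 10.0.5.22 GET http://JOAOMATOSF.com:80/rnp/jexws.war 200
2016-03-01T10:03:00Z 10.0.5.23 CONNECT webshell.jexboss.com:443 200
2016-03-01T10:04:00Z 10.0.5.24 GET http://notwebshell.jexboss.net.example.org/jsp_version.txt 200
malformed line
"""

def classify(target):
    """Return a label for a request target, or None if it is unrelated."""
    # CONNECT targets are host:port with no scheme; prefix so urlsplit parses them.
    url = urlsplit(target if "://" in target else "//" + target)
    host = (url.hostname or "").rstrip(".")  # hostname is already lower-cased
    if host in WEBSHELL_HOSTS:
        return "update-check" if url.path == VERSION_PATH else "webshell-host"
    if host == LEGACY_HOST and url.path.startswith(LEGACY_PREFIX):
        return "legacy-war-host"
    return None

def find_beacons(log_text):
    """Map each client IP to the sorted labels of its matching requests."""
    hits = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not match the assumed format
        _, client, _, target, _ = fields
        label = classify(target)
        if label:
            hits.setdefault(client, set()).add(label)
    return {ip: sorted(labels) for ip, labels in hits.items()}

if __name__ == "__main__":
    for ip, labels in find_beacons(SAMPLE_LOG).items():
        print(ip, ", ".join(labels))
```

A webshell deployed with `--disable-check-updates` makes no such request, so an empty result does not show that a server is clean.
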
Dear, the version was released.
Please report any problems.
Thank you
from jexboss.