JBoss Autopwn – JSP Hacking Tool For JBoss AS Server

Cybertroopers storming your ship?


This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session.

Features

  • Multiplatform support – tested on Windows, Linux and Mac targets
  • Support for bind and reverse bind shells
  • Meterpreter shells and VNC support for Windows targets

Installation

Dependencies include

  • Netcat
  • Curl
  • Metasploit v3, installed in the current path as “framework3”

You can download JBoss Autopwn here:

jboss-autopwn.zip

Or read more here.


Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

, , , , , , , , , , ,

Recent in Exploits/Vulnerabilities:
- BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records
- Apple Will Not Patch Windows QuickTime Vulnerabilities
- BADLOCK – Are ‘Branded’ Exploits Going Too Far?

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 234,307 views
- AJAX: Is your application secure enough? - 120,021 views
- eEye Launches 0-Day Exploit Tracker - 85,477 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


3 Responses to JBoss Autopwn – JSP Hacking Tool For JBoss AS Server

  1. secret March 4, 2011 at 9:33 pm #

    Hey, man! Link don’t work, plz update! Tnx! )

  2. STRSHR March 5, 2011 at 10:20 am #

    The whole github profile of spiderlabs is not available, any mirror will be appreciated.

  3. jbossLover March 7, 2011 at 6:38 pm #

    This exploit is the same to http://www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf or am i wrong?