JBoss AS Remote Exploit v2
| EKU-ID: 1134 | CVE: | OSVDB-ID: |
| Author: Kingcope | Published: 2011-10-14 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 1134 | CVE: | OSVDB-ID: |
| Author: Kingcope | Published: 2011-10-14 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
THE FULL DAYTONA PACKAGE -- BY KINGCOPE, YEAR 2011
THREE JBOSS APPLICATION SERVER REMOTE EXPLOITS WITH AUTHEN BYPASS
PORTED FROM METASPLOIT AND BEEFED UP WITH TWO SCANNERS:
*PNSCAN W/ SSL SUPPORT
*SYNSCAN MODDED
FILES:
* daytona_bsh.pl, daytona_deployfile.pl, daytona_maindeploy.pl
THE REMOTE EXPLOITS, BEST OF USE IS daytona_bsh.pl
* daytona_bsh_ssl.pl, daytona_deployfile_ssl.pl, daytona_maindeploy_ssl.pl
SSL SUPPORT FOR THE REMOTE EXPLOITS
* synscan-modded.tar
THE SYNSCAN IS MODDED FOR SCANNING JBOSS (X-Powered-By TAG) ON
PORT 8080 ONLY.
* pnscan-1.11.tar.gz
ORIGINAL PARALLEL NETWORK SCANNER (NO CREDITS HERE)
* pnscan-1.11-ssl.tar
PARALLEL NETWORK SCANNER MODDED TO SUPPORT SSL
USAGE: ./pnscan -r JBoss -w "HEAD / HTTP/1.0" 10.10.0.0/16 443
CHEERS,
KINGCOPE
http://www.exploit-db.com/sploits/DAYTONA_FULL.tar.bz2