Nmap Development mailing list archives
[NSE] jboss-vuln-cve2010-0738.nse
From: Tiago Natel de Moura <tiago4orion () gmail com>
Date: Sat, 16 Jun 2012 00:39:39 -0300
Hi list,

this is just a script that I created to exploit the CVE-2010-0738 of JBoss.

description = [[
JBoss Enterprise Application Platform is prone to multiple vulnerabilities,
including an information-disclosure issue and multiple authentication-bypass
issues. An attacker can exploit these issues to bypass certain security
restrictions to obtain sensitive information or gain unauthorized access to
the application.

this script will attempt to exploit one of these vulnerabilities and get a
reverse shell on the target machine.

This exploit is a rewrite to NSE of the Kingcope's perl exploit (
daytona_bsh.pl).

More information:
http://www.exploit-db.com/exploits/16274/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0738
http://www.securityfocus.com/bid/39710
]]

source:
https://github.com/tiago4orion/nmap-scripts/blob/master/jboss-vuln-cve2010-0738.nse

Here is a sample output:

PORT   STATE SERVICE VERSION
80/tcp open  http    Apache Tomcat/Coyote JSP engine 1.1 (Tomcat 5.5)
| jboss-vuln-cve2010-0738:
|   VULNERABLE:
|   JBoss Application Server Remote Exploit
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2010-0738
|     Description:
|       JBoss Enterprise Application Platform is prone to multiple
|       vulnerabilities, including an information-disclosure issue
|       and multiple authentication-bypass issues. An attacker can
|       exploit these issues to bypass certain security restrictions
|       to obtain sensitive information or gain unauthorized access
|       to the application.
|
|     Disclosure date: 2010-04-26
|     Extra information:
|       EXPLOIT SUCCESSFULL, REVERSE SHELL AT <reverse_host>:<reverse_port>
|     References:
|       http://www.exploit-db.com/exploits/16274/
|       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0738
|_      http://www.securityfocus.com/bid/39710

Cheers.

[]'s
--
Tiago Natel de Moura
Information Security Consultant
http://www.linkedin.com/in/tiagonatel
http://www.secplus.com.br/
http://github.com/tiago4orion
http://code.google.com/p/bugsec
Attachment:
jboss-vuln-cve2010-0738.nse
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/