View Issue Details

IDProjectCategoryView StatusLast Update
0003259Kali LinuxNew Tool Requestspublic2020-03-18 18:02
Reportersec-unix Assigned To 
PrioritynormalSeverityfeatureReproducibilityN/A
Status closedResolutionsuspended 
Summary0003259: JexBoss - Jboss verify and EXploitation Tool
Description

JexBoss - Jboss verify and EXploitation Tool
Link: https://github.com/joaomatosf/jexboss

A tool has been widely used and obtained very efficiently to exploit flaws in JBoss, including exploits that were not yet public (such as the exploitation via admin-console).

Additional Information

This tool was recommended by the redhat for administrators to verify that their systems are vulnerable to a recent wave of ransom attacks.
Link: http://redhat.com/solutions/2205341

He was also quoted in a report by Talos / CISCO to have been the tool that has been chosen to promote attacks on JBoss servers around the world:
Link: http://blog.talosintel.com/2016/04/jboss-backdoor.html

It is essential to pentesters!

Activities

sec-unix

sec-unix

2016-04-30 02:33

reporter   ~0005167

Correct link to the recommendation of the redhat: https://access.redhat.com/solutions/2205341

g0tmi1k

g0tmi1k

2018-01-29 15:02

administrator   ~0008412

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
g0tmi1k

g0tmi1k

2020-03-18 18:02

administrator   ~0012475

No response... Closing.

Please reopen if the information can be provided.

Issue History

Date Modified Username Field Change
2016-04-30 02:28 sec-unix New Issue
2016-04-30 02:33 sec-unix Note Added: 0005167
2018-01-29 10:13 g0tmi1k Priority high => normal
2018-01-29 10:13 g0tmi1k Summary New Tool Request: JexBoss => JexBoss - Jboss verify and EXploitation Tool
2018-01-29 15:02 g0tmi1k Note Added: 0008412
2018-02-21 09:35 g0tmi1k Product Version kali-dev =>
2020-03-18 18:02 g0tmi1k Status new => closed
2020-03-18 18:02 g0tmi1k Resolution open => suspended
2020-03-18 18:02 g0tmi1k Note Added: 0012475