This Metasploit module logs in to an GlassFish Server 3.1 (Open Source or Commercial) instance using a default credential, uploads, and executes commands via deploying a malicious WAR. On Glassfish 2.x, 3.0 and Sun Java System Application Server 9.x this module will try to bypass authentication instead by sending lowercase HTTP verbs.
4035b3ff0884c803d4786b07e2e9bd10c14e0d67c4f6962ff8749b9e5761b58eThis Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using REST.
51902f7e6af771ea7983f5300fc1027caf680459a29103bb46b1f0994f2206fcThis Metasploit module logins to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.
d25079aca4be2ff7c1b9c1e7d10524631a0690cd4f3947fe48034950306d88a5Rapid7 Security Advisory - The SAP BusinessObjects product contains a module (dswsbobje.war) which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone with access to the Axis2 port can gain full access to the machine via arbitrary remote code execution. This requires the attacker to upload a malicious web service and to restart the instance of Tomcat. This issue may apply to other products and vendors that embed the Axis2 component. The username is "admin" and the password is "axis2", this is also the default for standalone Axis2 installations.
226db62066f2c56c87818ee78e4d00164861cd9e8d34858c75dc772b294bbff8This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
db8a3aadb83130b870e5a70ed5ba3a3aafb3ba7ade242ba5744bcd8251b74f40This Metasploit module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
328118791df64b5b6d6ab27dc8882d52301e5fc9ac482a046dc54015346ec0eePBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state. PBNJ parses the data from a scan and stores it in a database. PBNJ uses Nmap to perform scans.
3df88ea306bd47401766d69f32e5cd1fdc1f015e6a06c66a7fa7aba7dfd0f3b9PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
049a9f586b4707aff0a492cad8f02a71961bad6ad152a39c316a46a75b3594baPBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
5b9b16feef9c73ca2c84610cef13be1f63d81790e0ac6de5dfb1b8f395860710PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
7dfa75fbdc954a4750794868a286fdaeb24b761326de9ab0329d2dafc49a9f1aPBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
d75cad2daadc7fb0d9557d8ab4ba0d92ff4bb341606471f81dd36e99e6420cc3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed