what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

Files from Joshua D. Abraham

Email addressjabra at ccs.neu.edu
First Active2005-12-03
Last Active2011-08-04
Sun/Oracle GlassFish Server Authenticated Code Execution
Posted Aug 4, 2011
Authored by Joshua D. Abraham, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module logs in to an GlassFish Server 3.1 (Open Source or Commercial) instance using a default credential, uploads, and executes commands via deploying a malicious WAR. On Glassfish 2.x, 3.0 and Sun Java System Application Server 9.x this module will try to bypass authentication instead by sending lowercase HTTP verbs.

tags | exploit, java, web
advisories | CVE-2011-0807
MD5 | 06ffb6ce20215f71d9e5d4728ef13549
Axis2 Upload Exec (via REST)
Posted Dec 1, 2010
Authored by Joshua D. Abraham | Site metasploit.com

This Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using REST.

tags | exploit, web
advisories | CVE-2010-0219
MD5 | 23aedf1fab5f6a4a05c7be6562b9e1bf
Axis2 / SAP BusinessObjects dswsbobje Upload Exec
Posted Nov 16, 2010
Authored by Joshua D. Abraham | Site metasploit.com

This Metasploit module logins to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.

tags | exploit, web
advisories | CVE-2010-0219
MD5 | 4ac9af1d571dc87d689e29c062affff5
Rapid7 Security Advisory 37
Posted Oct 15, 2010
Authored by H D Moore, Rapid7, Joshua D. Abraham, Will Vandevanter | Site rapid7.com

Rapid7 Security Advisory - The SAP BusinessObjects product contains a module (dswsbobje.war) which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone with access to the Axis2 port can gain full access to the machine via arbitrary remote code execution. This requires the attacker to upload a malicious web service and to restart the instance of Tomcat. This issue may apply to other products and vendors that embed the Axis2 component. The username is "admin" and the password is "axis2", this is also the default for standalone Axis2 installations.

tags | exploit, remote, web, arbitrary, code execution
advisories | CVE-2010-0219
MD5 | 845edf09fd1af24cadcdec610d360c47
Adobe Doc.media.newPlayer Use After Free Vulnerability
Posted Dec 31, 2009
Authored by H D Moore, Joshua D. Abraham, Pusscat, jduck | Site metasploit.com

This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.

tags | exploit
advisories | CVE-2009-4324
MD5 | 44af4761af5272cb4f818225e4db4716
Adobe FlateDecode Stream Predictor 02 Integer Overflow
Posted Dec 31, 2009
Authored by Joshua D. Abraham, jduck | Site metasploit.com

This Metasploit module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.

tags | exploit, overflow
advisories | CVE-2009-3459
MD5 | 0c17e02e00e4ecd3235b2f89100423bd
pbnj-2.04.tar.gz
Posted Nov 17, 2006
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state. PBNJ parses the data from a scan and stores it in a database. PBNJ uses Nmap to perform scans.

Changes: Small fixes, updates to man pages, and some enhancements.
tags | tool, scanner
systems | unix
MD5 | f0a5b4dfa9456c21154a289e1e45b1d5
pbnj-2.02.tar.gz
Posted Aug 27, 2006
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

Changes: Small fixes.
tags | tool, scanner
systems | unix
MD5 | 8d5108cd8d8b06770087aa40a2674b31
pbnj-1.14.tar.gz
Posted May 22, 2006
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

Changes: Fixed bug that crashed PBNJ after scanning a machine with no ports open, Fixed --nodiff banner bug, Added --delim option to allow custom delimination, various other enhancements.
tags | tool, scanner
systems | unix
MD5 | a421aed4476b2a0ecd20aa112da9869d
pbnj-1.12.tar.gz
Posted Dec 28, 2005
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

Changes: Fixed to work with nmap 3.95.
tags | tool, scanner
systems | unix
MD5 | 30753280dca24fec8caeb148dbdda34b
pbnj-1.10.tar.bz2
Posted Dec 3, 2005
Authored by Joshua D. Abraham | Site pbnj.sf.net

PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.

tags | tool, scanner
systems | unix
MD5 | 5a5b347106e5419259e62c5943687bdb
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close