exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

Files from Matthias Kaiser

First Active2010-08-24
Last Active2018-05-16
Jenkins CLI HTTP Java Deserialization
Posted May 16, 2018
Authored by Matthias Kaiser, Alisa Esage, YSOSerial, Ivan | Site metasploit.com

This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit this vulnerability.

tags | exploit, remote, web, arbitrary, code execution
advisories | CVE-2016-9299
MD5 | a3aeb852830fc3dbdd714d7dccd5cd1b
Apache Qpid Untrusted Input Deserialization
Posted Jul 2, 2016
Authored by Matthias Kaiser

When applications call getObject() on a consumed JMS ObjectMessage they are subject to the behaviour of any object deserialization during the process of constructing the body to return. Unless the application has taken outside steps to limit the deserialization process, they can't protect against input that might try to make undesired use of classes available on the application classpath that might be vulnerable to exploitation. Apache Qpid AMQP 0-x JMS client versions 6.0.3 and earlier and Qpid JMS (AMQP 1.0) client versions 0.9.0 and earlier are affected.

tags | advisory
advisories | CVE-2016-4974
MD5 | bd9f02d6a4f6778661162455acfbf223
Apache Flex BlazeDS 4.7.0 XML Entity Expansion
Posted Aug 22, 2015
Authored by Matthias Kaiser

When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations allows expanding of entities to local resources. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected.

tags | advisory, local
advisories | CVE-2015-3269
MD5 | c712a6a20b6791fd80403326c7724d49
IPass Control Pipe Remote Command Execution
Posted Mar 13, 2015
Authored by Matthias Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability in the IPass Client service. This service provides a named pipe which can be accessed by the user group BUILTIN\Users. This pipe can be abused to force the service to load a DLL from a SMB share.

tags | exploit
advisories | CVE-2015-0925
MD5 | ffc39e2ef1fd5a0cf7b4f982947690e3
Java Applet ProviderSkeleton Insecure Invoke Method
Posted Jun 27, 2013
Authored by Adam Gowdiak, Matthias Kaiser | Site metasploit.com

This Metasploit module abuses the insecure invoke() method of the ProviderSkeleton class that allows to call arbitrary static methods with user supplied arguments. The vulnerability affects Java version 7u21 and earlier.

tags | exploit, java, arbitrary
advisories | CVE-2013-2460, OSVDB-94346
MD5 | eb31080dbf4908fe55f6198beec5aae0
Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit
Posted Nov 23, 2010
Authored by egypt, Matthias Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability in Java Runtime Environment that allows an attacker to escape the Java Sandbox. By injecting a parameter into a javaws call within the BasicServiceImpl class the default java sandbox policy file can be therefore overwritten. The vulnerability affects version 6 prior to update 22. NOTE: Exploiting this vulnerability causes several sinister-looking popup windows saying that Java is "Downloading application."

tags | exploit, java
systems | windows
advisories | CVE-2010-3563, OSVDB-69043
MD5 | 9a21a47d9c36f5a1bda2c5036310f6c0
Java RMIConnectionImpl Deserialization Privilege Escalation Exploit
Posted Sep 9, 2010
Authored by egypt, Matthias Kaiser, Sami Koivu | Site metasploit.com

This Metasploit module exploits a vulnerability in the Java Runtime Environment that allows to deserialize a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.

tags | exploit, java
advisories | CVE-2010-0094
MD5 | 0d92c0d644f75f48c339916b902897e1
Java Statement.invoke() Trusted Method Chain Exploit
Posted Aug 24, 2010
Authored by egypt, Matthias Kaiser, Sami Koivu | Site metasploit.com

This Metasploit module exploits a vulnerability in Java Runtime Environment that allows an untrusted method to run in a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.

tags | exploit, java
advisories | CVE-2010-0840
MD5 | 4e689cf5083f3182b1988ba27606166b
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close