JBOSS
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
.png?alt=media&token=13f4d279-7d3f-47ce-a68e-35f9a906973f)
If you are interested in hacking career and hack the unhackable - we are hiring! (fluent polish written and spoken required).
The /web-console/ServerInfo.jsp and /status?full=true web pages often reveal server details.
You can expose management servlets via the following paths within JBoss (depending on the version): /admin-console, /jmx-console, /management, and /web-console. Default credentials are admin/admin. Upon gaining access, you can use available invoker servlets to interact with exposed MBeans:
- /web-console/Invoker (JBoss versions 6 and 7)
- /invoker/JMXInvokerServlet and /invoker/EJBInvokerServlet (JBoss 5 and prior)
You can enumerate and even exploit a JBOSS service using clusterd
Or using metasploit:
msf > use auxiliary/scanner/http/jboss_vulnscaninurl:status EJInvokerServlet
If you are interested in hacking career and hack the unhackable - we are hiring! (fluent polish written and spoken required).
- Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
Last modified 3mo ago