Today we’ll talk about how to take ownership of a server running a default install of JBOSS 4.2.3.GA by hand using CVE-2010-0738.  Why are we talking about exploiting such an old vulnerability?  Well one reason is because it’s fun!  Another, is that we still see these type of installs on real life engagements!  Finally, there …

Owning JBOSS 4.2.3.GA ManuallyRead More »