Exploit POC

Owning JBOSS 4.2.3.GA Manually

Today we’ll talk about how to take ownership of a server running a default install of JBOSS 4.2.3.GA by hand using CVE-2010-0738.  Why are we talking about exploiting such an old vulnerability?  Well one reason is because it’s fun!  Another, is that we still see these type of installs on real life engagements!  Finally, there …

Owning JBOSS 4.2.3.GA ManuallyRead More »

Owning Solar Winds Firewall Security Manager Manually

We recently encountered a Solar Winds Firewall Security Manager (soon to be EOL) during an internal assessment. The vulnerability scan reported a source code disclosure vulnerability related to the underlying Java application server Jetty 6.1. While following up on this we stumbled upon a public exploit for CVE-2015-2284, “userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code”.