-
Notifications
You must be signed in to change notification settings - Fork 639
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The check_vul method in jexboss.py isn't rigorous #25
Comments
Hello Friend, I'm working on an update (which will contain a new exploit and a very important new exploit vector). Thank you very much for the feedback and sorry for the delay in replying to you. |
Looking forward to your update.😆 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, joaomatosf,
When I use your tools to exploit, I find many false alarm.
I was been told there ware all VULNERABLE, then I tried to run an automated exploitation to execute a command,but only got an error "*Error contacting the command shell. Try again later..."
Then I tried to access the url like http:https://xxxx.com/jmx-console/, the response status is 200 and the body is:
I read the codes and suspect the logic of check_vul method in jexboss.py isn't rigorous. In the check_vul, HEAD method is used to get the response and judge whether been VULNERABLE only depend on the response's status.If status is 200 or 500, there are VULNERABLE. But, my response's status is 200 and the response's body is a 404 page.So I think it's better to check the body's content to avoid the false alarm.
Thank you!
The text was updated successfully, but these errors were encountered: