adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

9 Commits

Author SHA1 Message Date
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
William Vu 959cbde6eb Clean up module 2018-05-16 05:29:25 -05:00
notivan 6764bdb36f Fix Jenkins Ldap Deserialization Remote Use 
It appears the original exploit had been deliberately sabotaged to not work remotely. We have fixed this egregious error.
 2017-02-14 17:05:25 +00:00
notivan 6c0450fe95 add check for jenkins ldap exploit 
we just check for X-Jenkins <= 2.31. this is not completely correct because the exploit probably doesn't work on some earlier versions.
 2017-01-13 12:40:33 +00:00
notivan 036328df5c Fix msftidy issue 2017-01-12 13:26:41 +00:00
notivan e09b7a96f1 Add YSOSerial command options 2017-01-12 13:21:58 +00:00
notivan 0b32af8d43 Remove duplicate validation 2017-01-12 09:59:55 +00:00
notivan 0a30e775d1 Fix msftidy issues 2017-01-11 23:43:01 +00:00
notivan 08690e5e11 Exploit for CVE-2016-9299 (Jenkins CLI Ldap Deser) 
This is based on Matthias Kaiser's presentation at deepsec. We build a chain that connects back to our LDAP server and trigger it over the CLI HTTP interface. The LDAP server then serves a second chain based on YSOSerial commons-collection which triggers Runtime.exec. The second chain doesn't run with Jenkin's class filtering so succeeds.
 2017-01-11 23:23:02 +00:00