Penetration Testing using JexBoss (Practical Guide)

in #technology7 years ago

Today we are going to learn about penetration testing using JexBoss. This tool used for penetration testing and exploiting vulnerabilities/weaknesses in JBoss Application Server and other Java Application Servers (for example, WebLogic, GlassFish, Tomcat, Axis2, and so on). This tool is not available in Kali Linux you need to download it manually from GitHub.
Practical guide for penetration testing using JexBoss
Now navigate to the directory in which you cloned JexBoss and then you need to install all the requirements using the following command:

                              pip install -r requires.txt

Screenshot available below:
1-14.png

To view the help, use following command to get more knowledge about its usage:

                               python jexboss.py -h

For penetration testing with JexBoss or exploiting a host, following command is used:

                             python jexboss.py -host http://target_host:8080

Following screenshot shows the results of entering that command:
1-15.png

Now this tool will check for vulnerabilities in the target as shown below:
1-16.png

Now you need to type yes then exploitation will start as show below:
1-17.png

Here is our output below:
1-18.png

Now keep in your mind that every time your attack is not going to be successful one, because maybe target is already patched or there is chance of false positives in each penetration test. Failure is a part of success #TryHarder.

#tryharder
7 years ago in #technology by
$0.00
    1 vote
    Reply 1
    Sort:  
  • Trending
    • [-]
     7 years ago 

    Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
    https://myhackstuff.com/penetration-testing-using-jexboss/

    $0.00
      Reply