Java Unserialization getshell and CMD exploit.

Java Unserialization getshell and CMD exploit.

JBoss-exp deserialize java exploits -JBOSS (including java project generated payload, exploit py script, shodan part of the target host search results)Jboss-exp

Latest Change 16/12/2015: add gui

How to Use?
+ just double click JBOSS_EXP.jar
Rebound shell command:
+ First, open the shell of the receiving host their own public network Use the following command port, waiting for a connection nc -lv 10501
+ Then open another command line, use python contracting script sends payload to the target machine.
+ Syntax python jbossexp.py [url] [port] [payload]
+ Then the host will receive public rally on the shell, as shown below.

Download : JBoss-exp.zip(5.4 MB)
Source : http://www.cdxy.me/java/jboss-vulnerability/