Friday, October 23, 2009

Metasploit JSP Shells

Stephen Fewer has pushed up a jsp reverse and jsp bind shell.

http://dev.metasploit.com/redmine/projects/framework/repository/show/modules/payloads/singles/java

I'm not sure of all the ways to use them but the easiest way is to just output the shell to raw and just upload it to a web server or for an example with an exploit check out the adobe robohelp exploit.

http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/adobe_robohelper_authbypass.rb

Source: carnal0wnage

No comments: