Glassfish from (IN)Secure admin

Loading
0 %
Timeline Slides Search Info
Loading Click here to add:
Add to notification list

A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell. 

Jérémy Mousset 
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.

Other media in the channel "2018 Lille"

135 views, 7 this month Shadow on the Wall - Risks and Flaws with Shadowsocks July 6th, 2018
40 views, 3 this month Open Hardware for (software) offensive security July 6th, 2018
30 views, 6 this month Freedom Fighting Mode - Open Source Hacking Harness July 6th, 2018
52 views, 3 this month Expl-iot: IoT Security Testing Framework July 6th, 2018
20 views Io(M)T Security: A year in review July 6th, 2018
28 views, 1 this month IoT Honeypot, new types of attacks July 6th, 2018