Glassfish from (IN)Secure admin
Loading
0 %
| Key | Action |
|---|---|
| K or space | Play / Pause |
| M | Mute / Unmute |
| C | Select next subtitles |
| A | Select next audio track |
| V | Show slide in full page or toggle automatic source change |
| left arrow | Seek 5s backward |
| right arrow | Seek 5s forward |
| shift + left arrow or J | Seek 10s backward |
| shift + right arrow or L | Seek 10s forward |
| control + left arrow | Seek 60s backward |
| control + right arrow | Seek 60s forward |
| shift + down arrow | Decrease volume |
| shift + up arrow | Increase volume |
| shift + coma | Decrease playback speed |
| shift + dot or shift + semicolon | Increase playback speed |
| end | Seek to end |
| beginning | Seek to beginning |
You can right click on slides to open the menu
Share this media
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamInformation on this media
Links:
Creation date:
July 6th, 2018, 5:20 p.m.Add date:
July 6th, 2018, 1:07 p.m.Number of views:
96 (this month: 1)Speaker:
Jérémy MoussetLicense:
CC BY-SA v4Visibility:
This media is publishedDescription
A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell.
Jérémy Mousset
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.
Other media in the channel "2018"
155 viewsShadow on the Wall - Risks and Flaws with ShadowsocksJuly 6th, 2018
51 viewsOpen Hardware for (software) offensive securityJuly 6th, 2018
40 viewsFreedom Fighting Mode - Open Source Hacking HarnessJuly 6th, 2018
73 viewsExpl-iot: IoT Security Testing FrameworkJuly 6th, 2018
22 viewsIo(M)T Security: A year in reviewJuly 6th, 2018
41 viewsIoT Honeypot, new types of attacksJuly 6th, 2018