Glassfish from (IN)Secure admin

Loading
Timeline Slides Search Info
Loading Click here to add:
Add to notification list

A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell. 

Jérémy Mousset 
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.

Other media in the channel "2018"

147 views, 1 this month Shadow on the Wall - Risks and Flaws with Shadowsocks July 6th, 2018
51 views, 1 this month Open Hardware for (software) offensive security July 6th, 2018
35 views, 1 this month Freedom Fighting Mode - Open Source Hacking Harness July 6th, 2018
69 views Expl-iot: IoT Security Testing Framework July 6th, 2018
22 views Io(M)T Security: A year in review July 6th, 2018
37 views, 2 this month IoT Honeypot, new types of attacks July 6th, 2018