Glassfish from (IN)Secure admin
Action | Key |
---|---|
Play / Pause | K or space |
Mute / Unmute | M |
Select next subtitles | C |
Select next audio track | A |
Show slide in full page or toggle automatic source change | V |
Seek 5s backward | left arrow |
Seek 5s forward | right arrow |
Seek 10s backward | shift + left arrow or J |
Seek 10s forward | shift + right arrow or L |
Seek 60s backward | control + left arrow |
Seek 60s forward | control + right arrow |
Decrease volume | shift + down arrow |
Increase volume | shift + up arrow |
Decrease playback rate | shift + comma |
Increase playback rate | shift + dot or shift + semicolon |
Seek to end | end |
Seek to beginning | beginning |
You can right click on slides to open the menu
Share this media
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video stream
Subscribe to notifications
When subscribed to notifications, an email will be sent to you for all added annotations.
Your user account has no email address.
Information on this media
112 views
A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell.
Jérémy Mousset
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.
Creation date:
July 6, 2018
Speakers:
Jérémy Mousset
License:
CC BY-SA v4
Links:
Other media in the channel "2018"
- 161 views, 2 this yearShadow on the Wall - Risks and Flaws with ShadowsocksJuly 6th, 2018
- 57 views, 1 this yearOpen Hardware for (software) offensive securityJuly 6th, 2018
- 48 viewsFreedom Fighting Mode - Open Source Hacking HarnessJuly 6th, 2018
- 78 views, 2 this yearExpl-iot: IoT Security Testing FrameworkJuly 6th, 2018
- 23 viewsIo(M)T Security: A year in reviewJuly 6th, 2018
- 46 views, 1 this yearIoT Honeypot, new types of attacksJuly 6th, 2018