Glassfish from (IN)Secure admin
Loading
0 %
| Key | Action |
|---|---|
| K or space | Play / Pause |
| M | Mute / Unmute |
| C | Select next subtitles |
| A | Select next audio track |
| V | Show slide in full page or toggle automatic source change |
| left arrow | Seek 5s backward |
| right arrow | Seek 5s forward |
| shift + left arrow or J | Seek 10s backward |
| shift + right arrow or L | Seek 10s forward |
| control + left arrow | Seek 60s backward |
| control + right arrow | Seek 60s forward |
| shift + down arrow | Decrease volume |
| shift + up arrow | Increase volume |
| shift + coma | Decrease playback speed |
| shift + dot or shift + semicolon | Increase playback speed |
| end | Seek to end |
| beginning | Seek to beginning |
You can right click on slides to open the menu
Share this media
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamInformation on this media
Links:
Creation date:
July 6, 2018Number of views:
97Speaker:
Jérémy MoussetLicense:
CC BY-SA v4Description
A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell.
Jérémy Mousset
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.
Other media in the channel "2018"
151 viewsShadow on the Wall - Risks and Flaws with ShadowsocksJuly 6th, 2018
51 viewsOpen Hardware for (software) offensive securityJuly 6th, 2018
43 views, 1 this monthFreedom Fighting Mode - Open Source Hacking HarnessJuly 6th, 2018
73 viewsExpl-iot: IoT Security Testing FrameworkJuly 6th, 2018
22 viewsIo(M)T Security: A year in reviewJuly 6th, 2018
41 viewsIoT Honeypot, new types of attacksJuly 6th, 2018