Glassfish from (IN)Secure admin

Loading
Timeline Slides Search Info
Loading Click here to add:
Add to notification list

A talk presenting a way to bypass the “secure admin” feature of Glassfish to access the administration panel and deploy your own webshell. 

Jérémy Mousset 
Jérémy is a pentester and a Ron addict. He’s working at Vente-privee.com but this subject comes from his previous life of penetration tester in BT. He wrote an article on MISCregarding the JMX security in Tomcat and he’s currently interested by Glassfish.

Other media in the channel "2018"

144 views, 2 this month Shadow on the Wall - Risks and Flaws with Shadowsocks July 6th, 2018
46 views, 1 this month Open Hardware for (software) offensive security July 6th, 2018
34 views Freedom Fighting Mode - Open Source Hacking Harness July 6th, 2018
63 views, 2 this month Expl-iot: IoT Security Testing Framework July 6th, 2018
21 views Io(M)T Security: A year in review July 6th, 2018
34 views, 1 this month IoT Honeypot, new types of attacks July 6th, 2018