[Full-disclosure] Whitepaper: JBoss AS - Deploying WARs with the DeploymentFileRepository MBean

From: RedTeam Pentesting GmbH (releaseredteam-pentesting.de)
Date: Tue Jun 15 2010 - 07:58:30 CDT


RedTeam Pentesting released a new JBoss security whitepaper with the title
"JBoss Application Server - Deploying WARs with the DeploymentFileRepository
MBean". It explains how to deploy WAR files with the DeploymentFileRepository
MBean and how this is even possible with Cross Site Request Forgery (CSRF). The
paper is available at

http://www.redteam-pentesting.de/publications/jboss

This new informational page also contains the now publicly released scripts used
in the older paper "Bridging the Gap between the Enterprise and You - or - Who's
the JBoss now?".

Abstract
--------
The JBoss Application Server (JBoss AS) is a widely used, open source Java
application server. It is part of the JBoss Enterprise Middleware Suite (JEMS)
and is often used in large enterprise installations. Because of the high modularity
and versatility of this software solution, which leads to a high complexity, the
JBoss AS is a rewarding target for attackers in enterprise networks. This paper
adds to the whitepaper "Bridging the Gap between the Enterprise and You - or -
Who's the JBoss now?" released by RedTeam Pentesting. It shows how to use the
DeploymentFileRepository MBean to deploy a Web ARchive (WAR) without the need for
outbound connections being allowed for the JBoss AS. It also describes how this
can be used in conjunction with CSRF to attack a JBoss AS with a protected JMX
Console.
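The abstract above names the two things a defender should be watching for: operation invocations on the DeploymentFileRepository MBean through the JMX Console, and such invocations arriving from a page the administrator's browser was lured to (CSRF). The following detection script is an added example and is not part of the announcement or the whitepaper. It assumes the JMX Console's web access log is available in the common "combined" format and that the console is reached through the HtmlAdaptor servlet with its `action` and `name` query parameters; the log lines, the host names and the `trusted_hosts` list are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# One combined-format access log line per request (client, user, timestamp,
# request line, status, size, referer, user agent).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample traffic (not real logs). Line 2 is a DeploymentFileRepository
# operation whose Referer points at an unrelated intranet page, the CSRF pattern
# the paper describes; line 4 is a routine operation issued from the console itself.
SAMPLE_LOG = """\
10.0.0.5 - admin [15/Jun/2010:13:58:30 +0200] "GET /jmx-console/ HTTP/1.1" 200 4821 "http://jboss.example.internal:8080/jmx-console/" "Mozilla/5.0"
10.0.0.5 - admin [15/Jun/2010:13:59:02 +0200] "GET /jmx-console/HtmlAdaptor?action=invokeOp&name=jboss.admin%3Aservice%3DDeploymentFileRepository HTTP/1.1" 200 1134 "http://intranet-wiki.example.internal/page" "Mozilla/5.0"
10.0.0.5 - admin [15/Jun/2010:14:01:10 +0200] "GET /jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system%3Atype%3DServer HTTP/1.1" 200 9001 "http://jboss.example.internal:8080/jmx-console/" "Mozilla/5.0"
10.0.0.7 - admin [15/Jun/2010:14:05:44 +0200] "GET /jmx-console/HtmlAdaptor?action=invokeOp&name=jboss.system%3Atype%3DServer HTTP/1.1" 200 611 "http://jboss.example.internal:8080/jmx-console/HtmlAdaptor" "Mozilla/5.0"
"""

# Hosts from which a legitimate JMX Console request is expected to originate
# (hypothetical value for the example).
TRUSTED_HOSTS = {"jboss.example.internal"}


def analyze_log(log_text, trusted_hosts):
    """Return one finding per MBean operation invoked through the JMX Console.

    A finding is rated 'high' when the operation targets the
    DeploymentFileRepository MBean AND the request did not originate from a
    trusted host (missing or foreign Referer), 'medium' when only one of the
    two holds, and 'low' otherwise.
    """
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        parts = urlsplit(m.group("target"))
        if not parts.path.startswith("/jmx-console/"):
            continue
        params = parse_qs(parts.query)
        if params.get("action", [""])[0] != "invokeOp":
            continue  # browsing or inspecting MBeans is not an operation invocation

        mbean = params.get("name", [""])[0]  # parse_qs already percent-decodes
        referer = m.group("referer")
        ref_host = urlsplit(referer).hostname if referer and referer != "-" else None
        csrf_suspect = ref_host not in trusted_hosts
        deployment = "DeploymentFileRepository" in mbean

        if deployment and csrf_suspect:
            severity = "high"
        elif deployment or csrf_suspect:
            severity = "medium"
        else:
            severity = "low"

        findings.append({
            "timestamp": m.group("ts"),
            "client": m.group("client"),
            "user": m.group("user"),
            "mbean": mbean,
            "referer_host": ref_host,
            "deployment": deployment,
            "csrf_suspect": csrf_suspect,
            "severity": severity,
        })
    return findings


if __name__ == "__main__":
    for f in analyze_log(SAMPLE_LOG, TRUSTED_HOSTS):
        print(f"[{f['severity']}] {f['timestamp']} {f['client']} as {f['user']}: "
              f"{f['mbean']} (referer host: {f['referer_host']})")
```

The Referer heuristic is only an indicator: browsers may strip it, and an attacker-controlled page cannot set it, which is exactly why a missing or foreign Referer on an `invokeOp` request deserves a look. In practice the more robust control is not to expose the JMX Console to ordinary users' browsers at all, so that an administrator's authenticated session cannot be ridden by a page elsewhere on the network.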

--
RedTeam Pentesting GmbH
Dennewartstr. 25-27
52068 Aachen
Germany

Tel.: +49 241 963-1300
Fax : +49 241 963-1304
http://www.redteam-pentesting.de/

Registergericht: Aachen HRB 14004
Geschäftsführer: Patrick Hof, Jens Liebchen, Claus R. F. Overbeck

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEVAwUBTBd49tG/HXWsgFSuAQIIvggAzvgDn4J+ofuFNE82NRgmHWaacJ7/bZFa
b9jGikw1ZmVyF1xsg0qUGvyU/hGbx6n13J7WHH4kBu4uDOSbE9fqyG2rf3xen0mk
pnRY9lO/AfK3tqSJ0TrjIE5x+GtUohjg+sRNCeNUtAN9luT121YOWaCSGcFe0Dai
L58HM5Ab4X6kVjE9s6YlMNjx1SgmvVrSJhkXf/KH/M/t9jyCagIPlMPeBlI+XToJ
PWD3pE/nvDzwFF9QAe+IfV/rTsIRCekPwClZcWxjty6rUpuSlZj8ZpTV1pY7t/RB
chV3d1EQ63I8TMtXrikrKyGl+VWK7w/IYdZBgFRWqEeAzvfNuh3aDA==
=qPSa
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/