#
# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
    module:
        jboss_jmx_upload_exploit:
            enable: true
            category: "Exploits"
            name: "Jboss 6.0.0M1 JMX Deploy Exploit"
            description: "Deploy a JSP reverse or bind shell (Metasploit one) using the JMX exposed deploymentFileRepository MBean of JBoss. The first request made is a HEAD one to bypass auth and deploy the malicious JSP, the second request is a GET one that triggers the reverse connection to the specified MSF listener.<br />Remember to run the MSF multi/handler listener with java/jsp_shell_reverse_tcp as payload, in case you are using the reverse payload."
            authors: ["antisnatchor", "l33tb0y"]
            target:
                working: ["ALL"]
                not_working: "O"