17 lines
858 B
YAML
17 lines
858 B
YAML
#
|
|
# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - http://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
beef:
|
|
module:
|
|
glassfish_war_upload_xsrf:
|
|
enable: true
|
|
category: "Exploits"
|
|
name: "GlassFish WAR Upload XSRF"
|
|
description: "This module attempts to deploy a malicious war file on an Oracle GlassFish Server 3.1.1 (build 12). It makes advantage of a CSRF bug in the REST interface.<br />For more information refer to <a href='http://blog.malerisch.net/2012/04/oracle-glassfish-server-rest-csrf.html'>http://blog.malerisch.net/2012/04/oracle-glassfish-server-rest-csrf.html</a>."
|
|
authors: ["Bart Leppens"]
|
|
target:
|
|
working: ["FF", "S", "C"]
|
|
not_working: ["IE", "O"]
|