Python script to exploit CVE-2015-4852.
Latest commit f86ad08 Jul 20, 2016
  • ICMPListener.py - Added ICMPListener.py (Mar 3, 2016)
  • README.md - README added (Mar 3, 2016)
  • serialator.py - Hotfix serialator (Apr 13, 2016)

README.md

serialator

Description

During a recent engagement, I found that Nessus was now actively exploiting vulnerabilities for confirmation. When I checked the associated NASL script, I found that the payload was generic enough to be used in a standalone script. Hence, I collected the payloads from all the NASL scripts that were part of the same RCE vulnerability (but for separate applications) and wrapped them with Python magic. Next time you see a vulnerable application, use this script.

Changelog:

  • Update 29/02/2016: Initial commit. Ready for testing.

Author

Nikhil Sreekumar (@roo7break)

Target applications

  • WebSphere
  • JBoss
  • OpenNMS
  • Symantec Endpoint Protection Manager

Included scripts

  • serialator.py - Main exploit script
  • ICMPListener.py - Sets up an ICMP listener using scapy. Used alongside serialator.py to test whether a target is vulnerable.

Code details

  • Python 3. No additional packages required.

What next

  • Incorporate ysoserial.jar or its payload generation
  • Threaded exploiter - Weapon of mass exploitation :D
  • Automated testing