Update to add the new Java JMX bean zero day

2025-04-04 06:46:08 +00:00 · 2013-01-11 16:55:52 -05:00 · 2013-01-11 16:55:52 -05:00 · 19d414cd95
commit 19d414cd95
parent f859526f9b
4 changed files with 45 additions and 37 deletions
--- a/readme/CHANGES
+++ b/readme/CHANGES
@ -1,3 +1,9 @@
+~~~~~~~~~~~~~~~~
+version 4.3.7
+~~~~~~~~~~~~~~~~
+
+* Added the new Java JMX bean zero day from Metasploit (exploit/multi/browser/java_jre17_jmxbean)
+
 ~~~~~~~~~~~~~~~~
 version 4.3.6
 ~~~~~~~~~~~~~~~~
--- a/src/core/dictionaries.py
+++ b/src/core/dictionaries.py
@ -36,42 +36,43 @@ def ms_module(exploit):
    """ Receives the input given by the user from gen_payload.py """
    
    return {
-	    '1':"exploit/windows/browser/ie_cbutton_uaf",
-	    '2':"exploit/multi/browser/java_jre17_exec",
-	    '3':"exploit/windows/browser/ie_execcommand_uaf",
-            '4':"exploit/multi/browser/java_atomicreferencearray",
-	    '5':"exploit/multi/browser/java_verifier_field_access",
-            '6':"exploit/windows/browser/ms12_037_same_id",
-            '7':"exploit/windows/browser/msxml_get_definition_code_exec",
-            '8':"exploit/windows/browser/adobe_flash_rtmp",
-            '9':"exploit/windows/browser/adobe_flash_mp4_cprt",
-            '10':"exploit/windows/browser/ms12_004_midi",
-            '11':"multi/browser/java_rhino\nset target 1",
-            '12':"windows/browser/ms11_050_mshtml_cobjectelement",
-            '13':"windows/browser/adobe_flashplayer_flash10o",
-            '14':"windows/browser/cisco_anyconnect_exec",
-            '15':"windows/browser/ms11_003_ie_css_import",
-            '16':"windows/browser/wmi_admintools",
-            '17':"windows/browser/ms10_090_ie_css_clip",
-            '18':"windows/browser/java_codebase_trust",
-            '19':"windows/browser/java_docbase_bof",
-            '20':"windows/browser/webdav_dll_hijacker",
-            '21':"windows/browser/adobe_flashplayer_avm",
-            '22':"windows/browser/adobe_shockwave_rcsl_corruption",
-            '23':"windows/browser/adobe_cooltype_sing",
-            '24':"windows/browser/apple_quicktime_marshaled_punk",
-            '25':"windows/browser/ms10_042_helpctr_xss_cmd_exec",
-            '26':"windows/browser/ms10_018_ie_behaviors",
-            '27':"windows/browser/ms10_002_aurora",
-            '28':"windows/browser/ms10_018_ie_tabular_activex",
-            '29':"windows/browser/ms09_002_memory_corruption",
-            '30':"windows/browser/ms09_072_style_object",
-            '31':"windows/browser/ie_iscomponentinstalled",
-            '32':"windows/browser/ms08_078_xml_corruption",
-            '33':"windows/browser/ie_unsafe_scripting",
-            '34':"multi/browser/firefox_escape_retval",
-            '35':"windows/browser/mozilla_mchannel",
-            '36':"auxiliary/server/browser_autopwn",
+	    '1':"exploit/multi/browser/java_jre17_jmxbean",
+	    '2':"exploit/windows/browser/ie_cbutton_uaf",
+	    '3':"exploit/multi/browser/java_jre17_exec",
+	    '4':"exploit/windows/browser/ie_execcommand_uaf",
+            '5':"exploit/multi/browser/java_atomicreferencearray",
+	    '6':"exploit/multi/browser/java_verifier_field_access",
+            '7':"exploit/windows/browser/ms12_037_same_id",
+            '8':"exploit/windows/browser/msxml_get_definition_code_exec",
+            '9':"exploit/windows/browser/adobe_flash_rtmp",
+            '10':"exploit/windows/browser/adobe_flash_mp4_cprt",
+            '11':"exploit/windows/browser/ms12_004_midi",
+            '12':"multi/browser/java_rhino\nset target 1",
+            '13':"windows/browser/ms11_050_mshtml_cobjectelement",
+            '14':"windows/browser/adobe_flashplayer_flash10o",
+            '15':"windows/browser/cisco_anyconnect_exec",
+            '16':"windows/browser/ms11_003_ie_css_import",
+            '17':"windows/browser/wmi_admintools",
+            '18':"windows/browser/ms10_090_ie_css_clip",
+            '19':"windows/browser/java_codebase_trust",
+            '20':"windows/browser/java_docbase_bof",
+            '21':"windows/browser/webdav_dll_hijacker",
+            '22':"windows/browser/adobe_flashplayer_avm",
+            '23':"windows/browser/adobe_shockwave_rcsl_corruption",
+            '24':"windows/browser/adobe_cooltype_sing",
+            '25':"windows/browser/apple_quicktime_marshaled_punk",
+            '26':"windows/browser/ms10_042_helpctr_xss_cmd_exec",
+            '27':"windows/browser/ms10_018_ie_behaviors",
+            '28':"windows/browser/ms10_002_aurora",
+            '29':"windows/browser/ms10_018_ie_tabular_activex",
+            '30':"windows/browser/ms09_002_memory_corruption",
+            '31':"windows/browser/ms09_072_style_object",
+            '32':"windows/browser/ie_iscomponentinstalled",
+            '33':"windows/browser/ms08_078_xml_corruption",
+            '34':"windows/browser/ie_unsafe_scripting",
+            '35':"multi/browser/firefox_escape_retval",
+            '36':"windows/browser/mozilla_mchannel",
+            '37':"auxiliary/server/browser_autopwn",
           }.get(exploit,"ERROR")
           

--- a/src/core/menu/text.py
+++ b/src/core/menu/text.py
@ -347,6 +347,7 @@ create_payloads_text = """
           ********** PAYLOADS **********\n"""

 browser_exploits_menu = [
+'Java Applet JMX Remote Code Execution (2013-01-10)'
 'Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free (2012-12-27)',
 'Java 7 Applet Remote Code Execution (2012-08-26)',
 'Microsoft Internet Explorer execCommand Use-After-Free Vulnerability (2012-09-14)',
--- a/src/core/setcore.py
+++ b/src/core/setcore.py
@ -215,7 +215,7 @@ def print_error(message):
    print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC

 def get_version():
-    define_version = '4.3.6'
+    define_version = '4.3.7'
    return define_version

 class create_menu: