Add JMX vuln

This commit is contained in:
wchen-r7 2016-09-06 12:12:44 -05:00
parent f58f163dc4
commit d013bfaa45
9 changed files with 15 additions and 1 deletions

4
Vagrantfile vendored
View File

@ -61,6 +61,10 @@ Vagrant.configure("2") do |config|
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Vulnerability - JMX
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
# Configure Firewall to open up vulnerable services
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614

BIN
resources/jmx/Hello.class Executable file

Binary file not shown.

BIN
resources/jmx/HelloMBean.class Executable file

Binary file not shown.

BIN
resources/jmx/SimpleAgent.class Executable file

Binary file not shown.

BIN
resources/jmx/jdk1.6.zip Executable file

Binary file not shown.

BIN
resources/jmx/jmx.exe Executable file

Binary file not shown.

View File

@ -0,0 +1 @@
"C:\Program Files\Java\jdk1.6.0_26\bin\java.exe" -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=1617 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false SimpleAgent

View File

@ -5,4 +5,4 @@ netsh advfirewall firewall add rule name="Open Port 80 for IIS" dir=in action=al
netsh advfirewall firewall add rule name="Open Port 4848 for GlassFish" dir=in action=allow protocol=TCP localport=4848
netsh advfirewall firewall add rule name="Open Port 8080 for GlassFish" dir=in action=allow protocol=TCP localport=8080
netsh advfirewall firewall add rule name="Open Port 3389 for Remote Desktop" dir=in action=allow protocol=TCP localport=3389
netsh advfirewall firewall add rule name="Java 1.6 java.exe" dir=in action=allow program="C:\Program Files\Java\jdk1.6.0_26\bin\java.exe" enable=yes

View File

@ -0,0 +1,9 @@
mkdir "%ProgramFiles%\jmx"
copy C:\vagrant\resources\jmx\Hello.class "%ProgramFiles%\jmx"
copy C:\vagrant\resources\jmx\HelloMBean.class "%ProgramFiles%\jmx"
copy C:\vagrant\resources\jmx\SimpleAgent.class "%ProgramFiles%\jmx"
copy C:\vagrant\resources\jmx\jmx.exe "%ProgramFiles%\jmx"
copy C:\vagrant\resources\jmx\start_jmx.bat "%ProgramFiles%\jmx"
cmd /c ""C:\Program Files\7-Zip\7z.exe" x "C:\vagrant\resources\jmx\jdk1.6.zip" -o"C:\Program Files\Java""
"%ProgramFiles%\jmx\jmx.exe" -Service Install
cacls "C:\Program Files\jmx" /t /e /g Everyone:f