CVE-2018-1297 Archives

Apache JMeter RMI Code Execution PoC (CVE-2018-1297)

Posted: 7 months ago by @pentestit 4884 views
Updated: April 10, 2018 at 3:49 am

Recently, I read about a remote code execution (RCE) vulnerability; CVE-2018-1297, that affects yet another Apache product - JMeter. As you might know, "The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance." The CVE Mitre page does not mention a lot of details, mentioning just that - When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could Read more about Apache JMeter RMI Code Execution PoC (CVE-2018-1297)

UPDATED VERSION: RouterSploit 3.4.0

October 18, 2018 By Black Leave a Comment

RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycryptoand newer exploitation modules! Read on for the improvements. What is RouterSploit? The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the followingRead more about UPDATED VERSION: RouterSploit 3.4.0