Awesome

serialator

Python script to exploit CVE-2015-4852.

Description

During a recent engagement, I found that Nessus was now actively exploiting vulnerabilities for confirmation. When I checked the associated nasl script I found that the payload was generic enough to be used on a standalone script. Hence, I collected the payloads from all the nasl scripts that were part of the same RCE vulnerability (but for separate applications) and wrapped them with Python magic. Next time you see a vulnreable application, use this script.

Changelog:

• Update 29/02/2016 ** Initial commit. Ready for testing.

Author

Nikhil Sreekumar (@roo7break)

Target applications

• Websphere
• JBoss
• OpenNMS
• Symantec Endpoint Protection Manager

Included scripts

• serialator.py - Main exploit script
• ICMPListener.py - To setup a ICMP listener using scapy. Used alongside serialator.py for testing if target is vulnerable or not.

Code details

• Python3 No additional packages required

What next

• Incorporate ysoserial.jar or its payload generation
• Threaded exploiter - Weapon of mass exploitation :D
• Automated testing