Tidy and metadata updates for jboss #269 #261

2026-02-21 11:18:06 +00:00 · 2023-04-20 10:57:04 +01:00
parent 081ae73450
commit 5ddee55366
12 changed files with 35 additions and 8 deletions
--- a/modules/vulnerabilities/unix/misc/jboss/jboss.pp
+++ b/modules/vulnerabilities/unix/misc/jboss/jboss.pp
@@ -1,2 +0,0 @@
-include jboss::install
-include jboss::flags
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_00
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_00
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_01
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_01
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_02
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_02
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_03
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jboss-archive-files/jboss-as-distribution-6.1.0.Final.zip_03
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jre-archive-files/jre-8u351-linux-x64.tar.gz_00
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jre-archive-files/jre-8u351-linux-x64.tar.gz_00
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jre-archive-files/jre-8u351-linux-x64.tar.gz_01
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/files/jre-archive-files/jre-8u351-linux-x64.tar.gz_01
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss.pp
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss.pp
@@ -0,0 +1,2 @@
+include jboss_remoting_unified_invoker_rce::install
+include jboss_remoting_unified_invoker_rce::flags
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp
@@ -1,4 +1,4 @@
-class jboss::flags {
+class jboss_remoting_unified_invoker_rce::flags {
  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $leaked_filenames = $secgen_parameters['leaked_filenames']
  $strings_to_leak = $secgen_parameters['strings_to_leak']
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp
@@ -1,4 +1,4 @@
-class jboss::install {
+class jboss_remoting_unified_invoker_rce::install {
  Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'],
    environment => ['JAVA_HOME="/usr/lib/jvm/adoptopenjdk-8-hotspot-amd64/bin/java"']}

--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/secgen_metadata.xml
@@ -19,7 +19,7 @@

  <read_fact>strings_to_leak</read_fact>
  <read_fact>leaked_filenames</read_fact>
-  <read_fact>leaked_username</read_fact>
+  <read_fact>unix_username</read_fact>

  <default_input into="strings_to_leak">
    <generator type="message_generator" />
@@ -29,8 +29,35 @@
    <generator type="filename_generator" />
  </default_input>

-  <default_input into="leaked_username">
+  <default_input into="unix_username">
    <generator type="username_generator" />
  </default_input>

-</vulnerability>
+  <reference>https://s3.amazonaws.com/files.joaomatosf.com/slides/alligator_slides.pdf</reference>
+  <software_name>jboss</software_name>
+  <software_license>LGPL v2.1</software_license>
+
+  <msf_module>exploits/multi/misc/jboss_remoting_unified_invoker_rce</msf_module>
+  <solution>JBoss is vulnerable.</solution>
+
+  <requires>
+    <type>update</type>
+  </requires>
+
+  <CyBOK KA="MAT" topic="Attacks and exploitation">
+    <keyword>EXPLOITATION</keyword>
+    <keyword>EXPLOITATION FRAMEWORKS</keyword>
+  </CyBOK>
+  <CyBOK KA="SS" topic="Categories of Vulnerabilities">
+    <keyword>CVEs and CWEs</keyword>
+  </CyBOK>
+  <CyBOK KA="SOIM" topic="PENETRATION TESTING">
+    <keyword>PENETRATION TESTING - SOFTWARE TOOLS</keyword>
+    <keyword>PENETRATION TESTING - ACTIVE PENETRATION</keyword>
+  </CyBOK>
+  <CyBOK KA="WAM" topic="Server-Side Vulnerabilities and Mitigations">
+    <keyword>server-side misconfiguration and vulnerable components</keyword>
+    <keyword>Serialized objects</keyword>
+  </CyBOK>
+
+</vulnerability>
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/templates/jboss.service.erb
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/templates/jboss.service.erb
@@ -9,4 +9,4 @@ Restart=on-abort
 RestartSec=1

 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target