Java Applet Reflection Type Confusion Remote Code Execution

Java Applet Reflection Type Confusion Remote Code ExecutionThis module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play throw a specially crafted JNLP file. This bypass is applied mainly to IE, when Java Web Start can be launched automatically throw the ActiveX control. Otherwise the applet is launched without click-to-play bypass.Exploit...

Read More

How to Solve problem of wpscan in Backtrack 5 r3?

Wpscan is wordpress security scanner, which is pre-installed in backtrack 5 , but it`s outdated version, so when you tried to update it, you may  have face some problems. Here is solution which work for me.cd /pentest/webrm -rf wpscangit clone https://github.com/wpscanteam/wpscan.gitcd wpscangem install bundler && bundle install --without test developmentapt-get install libxml2 libxml2-dev libxslt1-devgem install  bundlerbundle install ruby ./wpscan.rb==WPSCAN ARGUMENTS==--update   Update to the latest revision--url  ...

Read More