Liferay CE Portal Groovy-Console Remote Command Execution

Posted by deepcore on March 12, 2019 – 8:03 pm

This Metasploit module uses the Liferay CE Portal Groovy script console to execute OS commands. The Groovy script can execute commands on the system via a [command].execute() call. Valid credentials for an application administrator user account are required. This module has been tested successfully with Liferay CE Portal Tomcat 7.1.2 ga3 on Debian 4.9.18-1kali1 system.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [dos] Core FTP 2.0 build 653 – 'PBSZ' Denial of Service (PoC) Linux Kernel 4.4 (Ubuntu 16.04) snd_timer_user_ccallback() Kernel Pointer Leak »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Liferay CE Portal Groovy-Console Remote Command Execution

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL