JNLP Injection to Muli-OS Code Execution - Paper

2021-06-25
ID: 104512
CVE: None
Download vulnerable application: None
# Exploit Title: BIZARRELOVETRIANGLE & FULLCLIP - JNLP Injection to Muli-OS Code Execution

# Date: 6/2
# Exploit Author: Ken ‘s1ngular1ty’ Pyle
# Vendor Homepage: multiple
# Software Link: multiple
# Version: multiple
# Tested on: multiple
# CVE : multiple


This initial work serves to provide an accessible and now acknowledged exploitation technique based on publicly available software, recognized attacks, and vendor acknowledged 0-day exposures across multiple operating systems and software packages from CISCO, DELL, ORACLE, HP, SUPERMICRO, HONEYWELL, and others.

This paper provides essential PoC for JNLP Injection, an example of passive Code Execution Hijacking of JNLP / Java execution through DNS abuses, a novel method of automatic code execution through fundamental flaws in web design. Several JNLP / XML injection attacks against webservers and applications which do not “natively support” the format or provide unsafe parameter checks will also be outlined.



https://cybir.com/2021/uncategorized/jnlp-parameter-injection-attacks-to-remote-persistent-multi-os-code-execution-bizarrelovetriangle-fullclip-moonagedaydream/



https://cybir.com/wp-content/uploads/2021/06/JNLP-Injection-and-Attacks-Release.pdf


Ken Pyle
M.S. IA, CISSP, HCISPP, ECSA, CEH, OSCP, OSWP, EnCE, Sec+
CYBIR.com

    Main: 267-540-3337<tel:267-540-3337>
    Direct: 484-498-8340<tel:484-498-8340>
    Email: [email protected]<mailto:[email protected]>
    Website: www.cybir.com<http://www.cybir.com/>
1-4-2 (www02)