January 26, 2018
Popping Password-“Protected” JMX
The name gives it away, Java Management Extensions (JMX) is a potentially juicy target for attack. One of the ways that a JMX service may be exposed is using Java…
Posts filed under JMX
October 22, 2017
Analysis of CVE-2017-12628
This morning I spotted a tweet mentioning an “Apache James 3.0.1 JMX Server Deserialization” vulnerability, CVE-2017-12628, which caught my eye because I wrote a generic JMX deserialization exploit which is…