Reversing JNBridge to Build an n-day Exploit for CVE-2019-7839

I was chatting to @Random_Robbie at the inaugural BSides Liverpool (@BSidesLivrpool), when he mentioned a new Adobe ColdFusion RCE and then said… “There’s no public exploit.” I’ve dabbled a bit…

Advertisements

Improving the BMC RSCD RCE Exploit

Last week I wrote about how I semi-blindly produced an RCE exploit for the BMC Server Automation RSCD service without access to a test environment. Since then I’ve got my…

RCE with BMC Server Automation

If you’ve ever come across BMC Server Automation during network scanning then you may have seen Nessus flag up a Critical vulnerability titled “BMC Server Automation RSCD Agent Weak ACL NSH…