Awesome! A lot of servers have their JBoss Management Console open to the world: no authentication, no password, no security at all! A huge and silly vulnerability!
Any remote user can completely control the server: full control over a lot of server configuration, plus disclosure of internal network and infrastructure information. You can change the web service listening port (I tested this with one of them, then put the original port back), view internal IPs and start connections to a client, see a lot of absolute server paths, change security configuration… too much power with almost no knowledge needed.
These vulnerable JBoss servers give anybody open access to jmx-console and web-console, the online administration tools of JBoss.
There are still a lot of silly vulnerabilities like this on the Internet… it's not a JBoss vulnerability, it's a people vulnerability!
Oh, I almost forgot… you can find all the vulnerable servers using my online Google Parser tool, which I wrote a couple of weeks ago. With it you can get a clean list of all the vulnerable sites by searching for:
intitle:"jboss management console" "application server" version inurl:"web-console"
or
intitle:"JBoss Management Console - Server Information" "application server" inurl:"web-console" OR inurl:"jmx-console"
You can try different Google search strings and get a clean list of URLs from the Google search results with my Google Parser online tool.
It's amazing how developers and network administrators still don't pay real attention to security!
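Once you have that clean list of URLs, the check a practitioner wants is whether each host really answers on the consoles without asking for credentials. The script below is an added example written for this page, not the author's Google Parser tool and not JBoss code: it requests /jmx-console/ and /web-console/ with no credentials and reports one verdict per console. The page titles it looks for ("JMX Agent View", "JBoss Management Console") and the sample responses it runs over when given no input are assumptions constructed for the example.

```python
"""Probe JBoss hosts for an unauthenticated jmx-console / web-console.

Feed it the clean URL list (one base URL per line on stdin) and it prints a
verdict per console. With no input it runs over constructed sample responses.
Added example for this page; not the author's tool and not JBoss code.
"""
import sys
import urllib.error
import urllib.request

# The two admin web apps the post talks about, as deployed on a stock JBoss AS.
CONSOLE_PATHS = ("/jmx-console/", "/web-console/")

# Strings from the consoles' page titles (assumption: same titles the Google
# dorks above match). A bare 200 without one of these is probably a catch-all
# page, not a console, so it is reported as 'unknown' rather than 'exposed'.
CONSOLE_MARKERS = ("JMX Agent View", "JBoss Management Console", "Server Information")


def classify(status, headers, body):
    """Turn one HTTP response into 'exposed', 'protected', 'absent' or 'unknown'."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    # Basic/Digest challenge: the console's security constraint is switched on.
    if status == 401 or "www-authenticate" in hdrs:
        return "protected"
    # 403 (e.g. an IP filter) or a redirect to a login page: something is in front.
    if status == 403:
        return "protected"
    if status in (301, 302, 303, 307) and "login" in hdrs.get("location", "").lower():
        return "protected"
    if status == 404:
        return "absent"
    if status == 200 and any(marker in body for marker in CONSOLE_MARKERS):
        return "exposed"
    return "unknown"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx responses as HTTPError instead of silently following them."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch(url, timeout=10):
    """GET url with no credentials; return (status, headers, body) even on 3xx/4xx."""
    opener = urllib.request.build_opener(_NoRedirect())
    req = urllib.request.Request(url, headers={"User-Agent": "jboss-console-check"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", "replace")
            return resp.status, dict(resp.headers.items()), body
    except urllib.error.HTTPError as err:
        body = err.read(65536).decode("utf-8", "replace")
        return err.code, dict(err.headers.items()), body


def check_host(base_url):
    """Probe both consoles on one host; returns {path: verdict}."""
    results = {}
    for path in CONSOLE_PATHS:
        try:
            status, headers, body = fetch(base_url.rstrip("/") + path)
            results[path] = classify(status, headers, body)
        except (urllib.error.URLError, OSError) as err:
            results[path] = "error: %s" % err
    return results


# Constructed sample responses (no network), one per verdict, for a stand-alone run.
SAMPLE_RESPONSES = {
    "http://exposed.example/jmx-console/": (
        200, {"Content-Type": "text/html"},
        "<html><head><title>JBoss JMX Management Console - JMX Agent View</title></head>"),
    "http://locked.example/jmx-console/": (
        401, {"WWW-Authenticate": 'Basic realm="JBoss JMX Console"'}, ""),
    "http://nojboss.example/web-console/": (404, {"Content-Type": "text/html"}, "Not Found"),
    "http://catchall.example/web-console/": (200, {}, "<html>Welcome to our site</html>"),
}


def demo():
    """Classify the constructed samples; returns {url: verdict}."""
    return {url: classify(*resp) for url, resp in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    targets = [] if sys.stdin.isatty() else [l.strip() for l in sys.stdin if l.strip()]
    if targets:
        for base in targets:
            for path, verdict in check_host(base).items():
                print("%-10s %s%s" % (verdict, base, path))
    else:
        for url, verdict in demo().items():
            print("%-10s %s" % (verdict, url))
```

Pipe the URL list in on stdin (`python3 jboss_check.py < urls.txt`); run it with no input and it only classifies the constructed samples. An "exposed" verdict is the situation the post describes; "protected" means the consoles sit behind authentication, which is the fix: JBoss ships a security constraint for the consoles in each console's WEB-INF/web.xml, and the better answer is to not expose them to the Internet at all.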