cliffe
commented
4 months ago Ensure the flag is leaked by the jboss user permission
Open cliffe opened 5 months ago
cliffe
commented
4 months ago Ensure the flag is leaked by the jboss user permission
https://github.com/cliffe/SecGen/blob/ee5c9c2a2c830ebd08e20e7ed202053d9c4e2382/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp#L7
We should follow SecGen convention and put the flag somewhere obvious (/home) -- successful exploitation doesn't always land the attacker in the directory we are using. Also check the filename passed in is used correctly (seems to be using defaults rather than what's passed in by the scenario).