module

MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)

Try Surface Command
Back to search
Disclosed
2021-12-12
Created
2022-08-29

Description

MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server
will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS
command execution in the context of the tomcat user.

This module will start an LDAP server that the target will need to connect to.

Authors

Spencer McIntyre
RageLtMan rageltman@sempervictus
rwincey
jbaines-r7

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use exploit/linux/http/mobileiron_core_log4shell
    msf exploit(mobileiron_core_log4shell) > show targets
        ...targets...
    msf exploit(mobileiron_core_log4shell) > set TARGET < target-id >
    msf exploit(mobileiron_core_log4shell) > show options
        ...show and set options...
    msf exploit(mobileiron_core_log4shell) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today