Skip to content
{ 2009 06 04 }

“Who’s the JBoss now?” Whitepaper released

We finally released the Whitepaper for our JBoss Application Server talk (the one we held e.g. at the hack.lu 2008 and the 16th DFN-CERT).

The paper gives you a more detailed overview about the JBoss AS internals we used in the attacks, as well as a complete description of the individual exploitation techniques.

The only catch is that the paper is written in German, as it was first published in the DFN-CERT’s workshop book. Maybe I’ll translate it someday, but at the moment there’s just not enough time to sit down and do this for almost 30 pages. See it as an interesting way to brush up on your German ;).

Posted by phof on Thursday, June 4, 2009, at 13:10. Filed under Hacking, Talks. Tagged , , . Follow any responses to this post with its comments RSS feed. You can post a comment or trackback from your blog.

{ 1 } Trackback

  1. RedTeam : JBoss Paper: English version released | 2009-Dec-01 at 10:50 | Permalink

    [...] finally came around to translate and release the 27+ pages of our JBoss paper (see also this post). That was quite some work, the first versions of my translations always read like a one-to-one [...]

Post a Comment

Your email is never published nor shared.