Must Read

JDWP Remote Code Execution flaw discovered in PayPal

JDWP Remote Code Execution

Another reason why you shouldn’t use PayPal beside all the limitation you can face with and often security flaw discovery in popular payment service which is owned by the eBay global e-commerce business. The remote code execution vulnerability in the (JDWP) discovered by security researcher, Milan Solanki has been reported Critical with CVSS count of 9.3

The (JDWP) Java Debug Wire Protocol is used for control between a debugger and (VM) Java Virtual Machine. However, JDWP is one layer with the (JPDA) Java Platform Debugger Architecture which does not utilize any form of authentication and it’s open in the wild to hackers that can execute arbitrary code on the affected host.

There is a tool on GitHub jdwp-shellifier that Solanki have used to execute remote code in tho JVM and get some information like open ports, operation system, java version and so on. In this example, he manages to find an open port 8000 and then he just executed the code after accepting a connection.

Proof-of-concept video of hack in action and Released document of bug bounty program.

About nona (27 Articles)
Founder of The Hack Times, information gathering and cyber security specialist , always one step ahead. Open for communication.

Leave a comment

Your email address will not be published.