Blog Category

Viewing blog posts in a specific category.

Exploiting JMX to Achieve Administrative Control

Posted in Cyber-Security, Tech, Tutorials on Nov 22, 2021

This post outlines the steps taken to exploit the sandboxed, non-admin JMX feature to gain elevated unrestricted access to a Windows system running Server 2008 R2. This is a second-stage attack using a previously-compromised Linux box as a pivot point within the target network.