Testing the security of a GlassFish web server with Metasploit

GlassFish is yet another open source application server. GlassFish is highly Java-driven and has been accepted widely in the industry. In my experience of penetration testing, I have come across GlassFish-driven web servers several times but quite rarely, say 1 out of 10 times. However, more and more businesses are moving onto GlassFish technology; we must keep up. In our scan, we found a GlassFish server running on port 8080 with its servlet running on port 4848. Let's dig into Metasploit again to search any modules for a GlassFish web server:

Searching the module, we will find ...

Get Metasploit Revealed: Secrets of the Expert Pentester now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.