XMPP/Jabber
Pentesting XMPP/Jabber - TCP Ports 5222, 5269, 8010
Last updated
Was this helpful?
Pentesting XMPP/Jabber - TCP Ports 5222, 5269, 8010
Last updated
Was this helpful?
Extensible Messaging and Presence Protocol (XMPP, originally named Jabber) is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML (Extensible Markup Language), it enables the near-real-time exchange of structured data between two or more network entities. The service usually run over ports TCP 5222, 5269 or 8010
Pidgin is a chat program that allows to connect to multiple chat networks, including XMPP servers.
Openfire is an instant messaging (IM) and groupchat server for the Extensible Messaging and Presence Protocol (XMPP) written in Java.
CVE-2023-32315 is a path traversal vulnerability found in the web-based Admin Console of Openfire. This security flaw enables unauthenticated users to access restricted pages that are meant exclusively for administrative use within a configured Openfire environment. Successful exploitation of this vulnerability allows an attacker to create a new administrative user.
This vulnerability impacts all Openfire versions released after April 2015, commencing from version 3.10.0. The issue has been patched in releases 4.7.5 and 4.6.8.
The CVE-2023-32315 python script allow to exploit this vulnerability
If you have administrator access to the Openfire console, you can achieve remote code execution by deploying a web shell through a plugin upload. To do this, follow these steps:
go to tab plugin > upload plugin openfire-management-tool-plugin.jar
go to tab server > server settings > Management tool
Access the websehll with password "123"
We should now be able to execute commands
