jmx console jmxinvoker
http://breenmachine.blogspot.de/2013/09/jboss-jmxinvokerservlet-exploit.html
http://infosecdailydigest.com/2013/10/14/metasploit-demo-jboss-deploymentfilerepository-war-deployment/
http://blog.imperva.com/2013/11/threat-advisory-a-jboss-as-exploit-web-shell-code-injection.html
http://www.iss.net/security_center/reference/vuln/HTTP_JBoss_Deploy_Exec.htm
http://matasano.com/research/OWASP3011_Luca.pdf
https://www.redteam-pentesting.de/publications/2009-11-30-Whitepaper_Whos-the-JBoss-now_RedTeam-Pentesting_EN.pdf
http://www.exploit-db.com/exploits/28713/
http://infosecdailydigest.com/2013/10/14/metasploit-demo-jboss-deploymentfilerepository-war-deployment/
http://blog.imperva.com/2013/11/threat-advisory-a-jboss-as-exploit-web-shell-code-injection.html
http://www.iss.net/security_center/reference/vuln/HTTP_JBoss_Deploy_Exec.htm
http://matasano.com/research/OWASP3011_Luca.pdf
https://www.redteam-pentesting.de/publications/2009-11-30-Whitepaper_Whos-the-JBoss-now_RedTeam-Pentesting_EN.pdf
http://www.exploit-db.com/exploits/28713/