We can deploy the BSH script using the webconsole_invoker.rb script:
- Executing the Ruby script with the -h flag will show us a list of options, as in the following screenshot:
- We now run the script and pass the target Invoker URL along with the Invoke method. In our case, we will use the createScriptDeployment() method. This method takes two input types, both as String, so we pass them in the -s flag, and then we pass the path to our BSH file (with the filename and the name of the deployer passed with the -p flag), as shown:
- After executing the script, our test.war file will be deployed, which will create our shell in the /test/ directory inside our home directory:
Browsing to the URL allows us to access the JSP-based web shell that was uploaded, as we can see in the preceding screenshot.