Source: http://iffiffj.iteye.com/blog/1404148
Save the following code as a bat file and run it on the JBoss node.
@echo Offset HOME=%~dp0set Jmx_console=%home%\deploy\jmx-Console.warset Jbossws_context=%home%\deploy\jbossws.sar\jbossws-Context.warset Web_console=%home%\deploy\management\console-mgr.sar\web-Console.warset Root_console=%home%\deploy\jboss-Web.deployer\root.warset Root_context=%home%\deploy\jboss-Web.deployer\context.xmlecho%home% for/d%%iinch(%jmx_console%%jbossws_context%%web_console%%root_console%) Do(echo Delete directory%%I@rd/S/q"%%i") del/q"%root_context%"Pause
Of course, there are other solutions, such as adding passwords:
1, a pseudo-hacker's successful secret 2:jboss invasion
2. JBoss Jmx-console and Web-console security settings
And an article on security vulnerability Analysis:
Hisense Group One station JBoss configuration defect can be deployed remotely Webshell
Delete Jmx-console, Web-console, ws-console, status services under JBoss eap4.3