# update 3/31 – added Reverse Shell JCL – this can be used by any direct-to-JES2 delivery method (e.g. FTP, NJE, etc)
In continuation of adding more mainframe functionality to Metasploit, I’ve built (and am in the process of incorporating) JCL (job control language)-based payloads (and exploits which use them) within the framework.
Once these updates are complete, Metasploit users with credentials (or some other type of vulnerability exploit), will be able to submit jobs directly to JES2 via ftp(/s) or NJE (hats off to Soldier of Fortran, for the python prototype of NJE).
I’ll keep a running tally of the Pull Requests here, along with demonstrations and updates.
The first PR is simply a basic JCL cmd payload, that does nothing but submit a job which always returns a code 0 (success).
More to come!