Tomcat 远程命令执行漏洞(CVE-2024-50379)
Tomcat 远程命令执行漏洞(CVE-2024-50379)前言中午突然看见Tomcat出漏洞了,还是RCE就想赶紧分析一把,虽然看着很眼熟(CVE-2017-12615),但是实际测试下来,还是有一个不同的,那就是我们需要绕过路径检查,下面是我分析的过程。 分析影响版本11.0.0-M1 <= Apache Tomcat < 11.0.2 10.1.0-M1 <&#
解析语言内存马注入(一)
解析语言内存马注入(一)前言在一直以来的漏洞挖掘和攻防过程中,我们会发现经常会出现表达式语言注入漏洞,而为了稳定获取权限就不可避免的需要注入内存马 解析语言概述本文会测试使用的表达式语言基本都是常见的java表达式语言或常见模板,一共6种,如下所示: 123456ELOGNLSPELThymeleafVelocityFreeMarker 解析语言介绍EL表达式EL表达式全名Expression
Java_JDBC(commonscollection3.2.2)Bypass
Java_JDBC(commonscollection3.2.2)Bypass0x01 分析题目简单捋捋信息,访问题目得到一个连接测试页面 题目给出的附件如下: 不难看出考点是DB2的JNDI注入,DB2打JNDI的payload大致如下: 1jdbc:db2://127.0.0.1:50001/db:clientRerouteServerListJNDIName=ldap://127.0.0
CVE-2023-41544(JeecgBoot FreeMarker SSTI)
DescriptionThe JeecgBoot/jeecg boot/jmreport/loadTableData Api interface does not have identity verification. Freemarker is used to process SQL parameters passed in by the user, and arb
CVE-2023-41543(JeecgBoot Sql Injection)
DescriptionJEECG Boot v3.5.3 was discovered to contain a SQL injection in /sys/replicate/check Affected versionJeecgBoot <= v3.5.3 Vulnerability AnalysisIt was found that the fr
CVE-2022-22972(VM_access_Identity_authentication_bypass)
Vulnerability DescriptionVMware is a provider of global desktop to data center virtualization solutions, offering products including our most familiar VMware Workstation, a desktop virtual computing s