当前位置:网站首页>Log4j2 vulnerability recurrence and analysis
Log4j2 vulnerability recurrence and analysis
2022-07-03 08:42:00 【Programmer small circle】
Loophole recurrence :
give the result as follows :
It can be seen that it is not printed param Specific parameter information , Instead, the server version information is printed , This will create injection vulnerabilities , This vulnerability is due to JNDI As a result of , Here are the specific JNDI Inject
JNDI:RMI Inject
stay jdk8u121 7u131 6u141 Version start default com.sun.jndi.rmi.object.trustURLCodebase Set to false,rmi Loading remote bytecode will not execute successfully .
边栏推荐
- 【Rust 笔记】09-特型与泛型
- Osgconv tool usage
- Drawing maze EasyX library with recursive backtracking method
- 请求参数的发送和接收
- Redis的数据结构
- Vscode, idea, VIM development tool shortcut keys
- Eating fruit
- [concurrent programming] explicit lock and AQS
- Explain sizeof, strlen, pointer, array and other combination questions in detail
- Chocolate installation
猜你喜欢
XPath实现XML文档的查询
![[cloud native] introduction and use of feign of microservices](/img/39/05cf7673155954c90e75a8a2eecd96.jpg)
[cloud native] introduction and use of feign of microservices
UE4 source code reading_ Bone model and animation system_ Animation compression
matlab神经网络所有传递函数(激活函数)公式详解
Notes on understanding applets 2022/7/3
Mall management system of database application technology course design
Use of ue5 QRcode plug-in
JS ternary operator - learning notes (with cases)
Collection interface
ES6 promise learning notes
随机推荐
XPath实现XML文档的查询
Collection interface
Why can void * be a general pointer
[rust notes] 02 ownership
Unity editor expansion - draw lines
Final review of Database Principles
100 GIS practical application cases (78) - Multi compliance database design and data warehousing
JS non Boolean operation - learning notes
基于SSM的校园失物招领平台,源码,数据库脚本,项目导入运行视频教程,论文撰写教程
Display terrain database on osgearth ball
[rust notes] 08 enumeration and mode
UE4 source code reading_ Bone model and animation system_ Animation compression
Image processing 8-cnn image classification
Graphics_ Learnopongl learning notes
数据库原理期末复习
Huawei interview summary during the epidemic
Ue5 opencv plug-in use
了解小程序的笔记 2022/7/3
【K&R】中文第二版 个人题解 Chapter1
【Rust 笔记】07-结构体