当前位置:网站首页>Log4j2 vulnerability recurrence and analysis
Log4j2 vulnerability recurrence and analysis
2022-07-03 08:42:00 【Programmer small circle】
Loophole recurrence :
give the result as follows :
It can be seen that it is not printed param Specific parameter information , Instead, the server version information is printed , This will create injection vulnerabilities , This vulnerability is due to JNDI As a result of , Here are the specific JNDI Inject
JNDI:RMI Inject
stay jdk8u121 7u131 6u141 Version start default com.sun.jndi.rmi.object.trustURLCodebase Set to false,rmi Loading remote bytecode will not execute successfully .
边栏推荐
- Sequence of map implementation classes
- Jupyter remote server configuration and server startup
- 【Rust笔记】06-包和模块
- Mysql容器化(1)Docker安装MySQL
- MySQL 8
- GIS实战应用案例100篇(七十八)-多规合一数据库设计及数据入库
- JS ternary operator - learning notes (with cases)
- [concurrent programming] consistency hash
- Transmit pictures with Base64 encoding
- [concurrent programming] synchronization container, concurrent container, blocking queue, double ended queue and work secret
猜你喜欢
Vscode, idea, VIM development tool shortcut keys
Drawing maze EasyX library with recursive backtracking method
Some understandings of 3dfiles
Dealing with duplicate data in Excel with xlwings
Dom4j遍历和更新XML
Unity Editor Extension - drag and drop
![[updating] wechat applet learning notes_ three](/img/05/958b8d62d3a42b38ca1a2d8631a7f8.png)
[updating] wechat applet learning notes_ three
Mall management system of database application technology course design
MySQL 8
Unity editor expansion - draw lines
随机推荐
【Rust笔记】05-错误处理
UE4 source code reading_ Mobile synchronization
Servlet的生命周期
How to deal with the core task delay caused by insufficient data warehouse resources
Simply start with the essence and principle of SOM neural network
基于SSM的校园失物招领平台,源码,数据库脚本,项目导入运行视频教程,论文撰写教程
Cesium for unreal quick start - simple scenario configuration
Redis cluster series 4
Animation_ IK overview
Redis data structure
Gradle's method of dynamically modifying APK package name
[rust note] 10 operator overloading
Unity editor expansion - controls, layouts
Mxone Pro adaptive 2.0 film and television template watermelon video theme apple cmsv10 template
Redux - learning notes
Why can void * be a general pointer
Mall management system of database application technology course design
Unity Editor Extension - drag and drop
UE4 source code reading_ Bone model and animation system_ Animation node
JS ternary operator - learning notes (with cases)