Posted 2021-08-31Updated 2021-08-31web security17 minutes read (About 2498 words)How Did I Find Weblogic T3 RCETo share my methodRead more
Posted 2020-07-17Updated 2020-07-17web security27 minutes read (About 4026 words)SCTF 2020 两道Login Me预期解的核心技术发这篇文章的时候已经毕业快一月了,感谢Syclover老学长们和小伙伴的一路帮助,感谢相遇。Read more
Posted 2020-05-05Updated 2020-07-11web security25 minutes read (About 3751 words)De1tactf2020 pentest非预期解与预期解把一些停留在理论认知上的高级攻击姿势全部操练了一遍,学到很多。Read more
Posted 2020-04-26Updated 2024-08-1112 minutes read (About 1771 words)tomcat ajp 漏洞分析漏洞原理本身很简单,值得学习的是tomcat运行的宏观流程,值得思考的是长亭的师傅是怎么挖到的。Read more
Posted 2020-04-18Updated 2020-07-11web security10 minutes read (About 1489 words)c3p0的三个gadget除了常见的http base之外,在某些情况下c3p0可以使用jndi和hex序列化字节加载器来进行rce。Read more
Posted 2020-04-09Updated 2020-07-11web security11 minutes read (About 1691 words)tomcat不出网回显连续剧第六集离大结局又进了一步Read more
Posted 2020-03-25Updated 2020-07-1132 minutes read (About 4746 words)weblogic历史T3反序列化漏洞及补丁梳理weblogic历史T3反序列化漏洞及补丁梳理Read more
Posted 2020-03-21Updated 2020-07-114 minutes read (About 576 words)重新编译jmet小记在一次渗透测试过程中,发现内网有一些activemq版本很老官网的jmet打不了需要重新编译,踩了一些坑。Read more
Posted 2020-02-24Updated 2020-07-11web security10 minutes read (About 1557 words)linux下java反序列化通杀回显方法的低配版实现其实这个思路距离实现标配版的效果就一步之遥了~Read more
Posted 2020-02-14Updated 2020-07-11web security17 minutes read (About 2621 words)Java原生序列化与反序列化代码简要分析写这篇文章目的主要在于进一步理解何为java原生反序列化,并且回答如下的几个问题。Read more