|
You are here |
www.veracode.com | ||
| | | | |
taeluralexis.com
|
|
| | | | | In this writeup, we'll exploit a Linux machine on Hack The Box with CVE-2023-46604, leveraging Java deserialization for remote code execution. | |
| | | | |
y4y.space
|
|
| | | | | Intro The exploitation of this RCE consists of two parts, one being the lack of authentication validation to h5-vsan endpoint, and another being the unsafe reflection usage in Java which then caused a JNDI injection. I was not smart enough to come up with the JDNI attack chain, but certainly learned a lot while attempting... | |
| | | | |
b.agilob.net
|
|
| | | | | ||
| | | | |
shpota.com
|
|
| | | Docker is not a new technology anymore. In the meanwhile, it has become an everyday tool for many developers. However, there are still a lot of people out th... | ||