hengyunabc / Dubbo Apache Commons Collections Bug
演示dubbo rpc Apache commons collections 的Java序列化漏洞
Stars: ✭ 39
Programming Languages
shell
77523 projects
演示Apache Commons Collections远程代码执行漏洞,在dubbo rpc上验证。
漏洞参考:http://blog.chaitin.com/2015-11-11_java_unserialize_rce/
漏洞演示
下载代码
git clone [email protected]:hengyunabc/dubbo-apache-commons-collections-bug.git
启动dubbo service server
cd dubbo-apache-commons-collections-bug
mvn exec:java -Dexec.mainClass="Provider"
启动dubbo client
cd dubbo-apache-commons-collections-bug
mvn exec:java -Dexec.mainClass="Consumer"
调用成功的话,可以发现多了 /tmp/xxxx 文件。
如果是windows,可以修改下代码,把 src/main/java/Consumer.java 里的command改为 calc.exe :
//windows下面可换为 calc.exe
String command = "touch /tmp/xxxx";
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].