<!DOCTYPE html><html lang="zh-CN"><head><meta name="generator" content="Hexo 3.8.0"><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport"><meta content="yes" name="apple-mobile-web-app-capable"><meta content="black-translucent" name="apple-mobile-web-app-status-bar-style"><meta content="telephone=no" name="format-detection"><meta name="description"><title>Patrilic's blog | Stay true to your original aspiration</title><link rel="stylesheet" type="text/css" href="/css/style.css?v=0.0.0"><link rel="stylesheet" type="text/css" href="//lib.baomitu.com/normalize/8.0.1/normalize.min.css"><link rel="stylesheet" type="text/css" href="//lib.baomitu.com/pure/1.0.0/pure-min.css"><link rel="stylesheet" type="text/css" href="//lib.baomitu.com/pure/1.0.0/grids-responsive-min.css"><link rel="stylesheet" href="//lib.baomitu.com/font-awesome/4.7.0/css/font-awesome.min.css"><script type="text/javascript" src="//lib.baomitu.com/jquery/3.4.0/jquery.min.js"></script><link rel="icon" mask sizes="any" href="/favicon.ico"><link rel="Shortcut Icon" type="image/x-icon" href="/favicon.ico"><link rel="apple-touch-icon" href="/apple-touch-icon.png"><link rel="apple-touch-icon-precomposed" href="/apple-touch-icon.png"><link rel="alternate" type="application/atom+xml" href="/atom.xml"></head><body><div class="body_container"><div id="header"><div class="site-name"><h1 class="hidden">Patrilic's blog</h1><a id="logo" href="/.">Patrilic's blog</a><p class="description">Stay true to your original aspiration</p></div><div id="nav-menu"><a class="current" href="/."><i class="fa fa-home"> Home</i></a><a href="/archives/"><i class="fa fa-archive"> Archives</i></a><a href="/2019/04/01/Hello/"><i class="fa fa-user"> About</i></a><a href="/atom.xml"><i class="fa fa-rss"> Subscribe</i></a></div></div><div class="pure-g" id="layout"><div class="pure-u-1 pure-u-md-3-4"><div class="content_container"><div class="post"><h1 class="post-title"><a 
href="/2099/12/31/Tomorrow/">Tomorrow</a></h1><div class="post-meta">2099-12-31</div><a class="disqus-comment-count" data-disqus-identifier="2099/12/31/Tomorrow/" href="/2099/12/31/Tomorrow/#disqus_thread"></a><div class="post-content"><p><img src="/wallpaper/thumb-1920-485164.jpg" alt></p>
<h5 id="这里有一个秘密"><a href="#这里有一个秘密" class="headerlink" title="这里有一个秘密"></a>There is a secret here</h5><figure class="highlight plain"><figcaption><span>engine</span></figcaption><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">➜ ~ cat /Users/patrilic/Desktop/Secret.log</span><br><span class="line">cat: /Users/patrilic/Desktop/Secret.log: Permission denied</span><br></pre></td></tr></table></figure></div><p class="readmore"><a href="/2099/12/31/Tomorrow/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/04/06/Java ClassLoader/">Java ClassLoader</a></h1><div class="post-meta">2020-04-06</div><a class="disqus-comment-count" data-disqus-identifier="2020/04/06/Java ClassLoader/" href="/2020/04/06/Java ClassLoader/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-4-06 23:17:44</p>
</blockquote>
<p><img src="/wallpaper/silhouette_1.jpg" alt></p>
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 前言"></a>0x00 Preface</h2><p>As the name suggests, ClassLoader is a class loader, used to dynamically load Java classes into the JVM.</p></div><p class="readmore"><a href="/2020/04/06/Java ClassLoader/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/25/Tomcat-Ajp协议漏洞分析(CVE-2020-1938)/">Tomcat AJP Protocol Vulnerability Analysis (CVE-2020-1938)</a></h1><div class="post-meta">2020-03-25</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/25/Tomcat-Ajp协议漏洞分析(CVE-2020-1938)/" href="/2020/03/25/Tomcat-Ajp协议漏洞分析(CVE-2020-1938)/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-25 19:16:24</p>
</blockquote>
<p><img src="/wallpaper/girl_umbrella11.jpg" alt></p>
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 前言"></a>0x00 Preface</h2><p>CVE-2020-1938, also known as GhostCat, caused quite a stir a while ago. It is a security vulnerability in Tomcat discovered by security researchers at Chaitin Tech. Because of a design flaw in the Tomcat AJP protocol, an attacker can use the Tomcat AJP Connector to read or include any file under any webapp directory on Tomcat, for example webapp configuration files or source code. In addition, when the target application has a file upload feature, combining it with file inclusion can escalate the impact to remote code execution.</p></div><p class="readmore"><a href="/2020/03/25/Tomcat-Ajp协议漏洞分析(CVE-2020-1938)/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/24/Jackson-databind 反序列化漏洞分析 (CVE-2020-8840)/">Jackson-databind Deserialization Vulnerability Analysis (CVE-2020-8840)</a></h1><div class="post-meta">2020-03-24</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/24/Jackson-databind 反序列化漏洞分析 (CVE-2020-8840)/" href="/2020/03/24/Jackson-databind 反序列化漏洞分析 (CVE-2020-8840)/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-24 20:13:43</p>
</blockquote>
<p><img src="/wallpaper/silhouette2.jpg" alt></p>
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 前言"></a>0x00 Preface</h2><p>Jackson is a currently popular JSON parser, mainly responsible for JSON serialization and deserialization.<br>The Jackson core modules consist of three parts:</p></div><p class="readmore"><a href="/2020/03/24/Jackson-databind 反序列化漏洞分析 (CVE-2020-8840)/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/19/commons-collections-3.1 反序列化分析/">commons-collections-3.1 Deserialization Analysis</a></h1><div class="post-meta">2020-03-19</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/19/commons-collections-3.1 反序列化分析/" href="/2020/03/19/commons-collections-3.1 反序列化分析/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-19 23:24:22</p>
</blockquote>
<p><img src="/wallpaper/silhouette.jpg" alt></p>
<h2 id="0x00-Build"><a href="#0x00-Build" class="headerlink" title="0x00 Build"></a>0x00 Build</h2><p>Jdk version : 7u80<br>pom.xml:<br><figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta"><?xml version="1.0" encoding="UTF-8"?></span></span><br><span class="line"><span class="tag"><<span class="name">project</span> <span class="attr">xmlns</span>=<span class="string">"http://maven.apache.org/POM/4.0.0"</span></span></span><br><span class="line"><span class="tag"> <span class="attr">xmlns:xsi</span>=<span class="string">"http://www.w3.org/2001/XMLSchema-instance"</span></span></span><br><span class="line"><span class="tag"> <span class="attr">xsi:schemaLocation</span>=<span class="string">"http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">modelVersion</span>></span>4.0.0<span class="tag"></<span class="name">modelVersion</span>></span></span><br><span class="line"></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>commons-collections<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>commons-collections<span class="tag"></<span 
class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">version</span>></span>1.0-SNAPSHOT<span class="tag"></<span class="name">version</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependencies</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>commons-collections<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>commons-collections<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">version</span>></span>3.1<span class="tag"></<span class="name">version</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependency</span>></span></span><br><span class="line"></span><br><span class="line"> <span class="tag"></<span class="name">dependencies</span>></span></span><br><span class="line"></span><br><span class="line"><span class="tag"></<span class="name">project</span>></span></span><br></pre></td></tr></table></figure></p></div><p class="readmore"><a href="/2020/03/19/commons-collections-3.1 反序列化分析/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/18/Java Reflection/">Java Reflection</a></h1><div class="post-meta">2020-03-18</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/18/Java Reflection/" href="/2020/03/18/Java Reflection/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-18 17:43:11</p>
</blockquote>
<p><img src="/wallpaper/silhouette_starry_sky_stars_1312.jpg" alt></p></div><p class="readmore"><a href="/2020/03/18/Java Reflection/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/18/Java 反序列化/">Learning Java Deserialization</a></h1><div class="post-meta">2020-03-18</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/18/Java 反序列化/" href="/2020/03/18/Java 反序列化/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-18 11:26:55</p>
</blockquote>
<p><img src="/wallpaper/girl_field_night.jpg" alt></p>
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 前言"></a>0x00 Preface</h2><p>In Java, implementing the <code>java.io.Serializable</code> or <code>java.io.Externalizable</code> interface is all that is needed to perform serialization.</p></div><p class="readmore"><a href="/2020/03/18/Java 反序列化/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/17/RMI/">RMI</a></h1><div class="post-meta">2020-03-17</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/17/RMI/" href="/2020/03/17/RMI/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-17 16:41:55</p>
</blockquote>
<p><img src="/wallpaper/sky.jpg" alt></p>
<h2 id="0x00-前言"><a href="#0x00-前言" class="headerlink" title="0x00 前言"></a>0x00 Preface</h2><p>RMI (Remote Method Invocation) is Java's remote method invocation mechanism. Similar to RPC, it implements method calls between Java programs across JVMs.<br>In short, it makes it possible to invoke an object's methods in another JVM.</p></div><p class="readmore"><a href="/2020/03/17/RMI/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/15/JNDI注入/">JNDI Injection</a></h1><div class="post-meta">2020-03-15</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/15/JNDI注入/" href="/2020/03/15/JNDI注入/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-15 16:41:55</p>
</blockquote>
<p><img src="/wallpaper/girl_rain_anime.jpg" alt></p>
<h2 id="0x00-JNDI"><a href="#0x00-JNDI" class="headerlink" title="0x00 JNDI"></a>0x00 JNDI</h2><p><code>JNDI(Java Naming and Directory Interface)</code> is the naming and directory interface provided by Java.</p></div><p class="readmore"><a href="/2020/03/15/JNDI注入/">Read more</a></p></div><div class="post"><h1 class="post-title"><a href="/2020/03/14/Fastjson =< 1.2.47 反序列化漏洞分析/">Fastjson =< 1.2.47 Deserialization Vulnerability Analysis</a></h1><div class="post-meta">2020-03-14</div><a class="disqus-comment-count" data-disqus-identifier="2020/03/14/Fastjson =< 1.2.47 反序列化漏洞分析/" href="/2020/03/14/Fastjson =< 1.2.47 反序列化漏洞分析/#disqus_thread"></a><div class="post-content"><blockquote>
<p>@Author: Patrilic<br>@Time: 2020-3-14 23:08:55</p>
</blockquote>
<p><img src="/wallpaper/33703665.png" alt></p>
<h2 id="0x00-RMI和LDAP的适用版本"><a href="#0x00-RMI和LDAP的适用版本" class="headerlink" title="0x00 RMI和LDAP的适用版本"></a>0x00 Applicable Versions for RMI and LDAP</h2><ul></ul></div><p class="readmore"><a href="/2020/03/14/Fastjson =< 1.2.47 反序列化漏洞分析/">Read more</a></p></div><nav class="page-navigator"><span class="page-number current">1</span><a class="page-number" href="/page/2/">2</a><a class="page-number" href="/page/3/">3</a><span class="space">…</span><a class="page-number" href="/page/5/">5</a><a class="extend next" rel="next" href="/page/2/">Next page</a></nav><script id="dsq-count-scr" src="//Patrilic.disqus.com/count.js" async></script></div></div><div class="pure-u-1-4 hidden_mid_and_down"><div id="sidebar"><div class="widget"><form class="search-form" action="//www.google.com/search" method="get" accept-charset="utf-8" target="_blank"><input type="text" name="q" maxlength="20" placeholder="Search"><input type="hidden" name="sitesearch" value="http://patrilic.top"></form></div><div class="widget"><div class="widget-title"><i class="fa fa-folder-o"> Categories</i></div><ul class="category-list"><li class="category-list-item"><a class="category-list-link" href="/categories/ATT-CK/">ATT&CK</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/BypassUac/">BypassUac</a><span class="category-list-count">2</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Diary/">Diary</a><span class="category-list-count">2</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Java-Sec/">Java_Sec</a><span class="category-list-count">9</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Pentest-Cheat-Sheet/">Pentest Cheat Sheet</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Red-Team-Tricks/">Red-Team Tricks</a><span class="category-list-count">8</span></li><li 
class="category-list-item"><a class="category-list-link" href="/categories/SQLi-Tricks/">SQLi Tricks</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Skills/">Skills</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Threat-Intelligence/">Threat Intelligence</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/Write-up/">Write-up</a><span class="category-list-count">9</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/linux/">linux</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/内网渗透/">Intranet Penetration</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/漏洞复现/">Vulnerability Reproduction</a><span class="category-list-count">8</span></li></ul></div><div class="widget"><div class="widget-title"><i class="fa fa-star-o"> Tags</i></div><div class="tagcloud"><a href="/tags/Ghost-cat/" style="font-size: 15px;">Ghost_cat</a> <a href="/tags/Backdoor/" style="font-size: 15px;">Backdoor</a> <a href="/tags/CTF/" style="font-size: 15px;">CTF</a> <a href="/tags/BlueKeep/" style="font-size: 15px;">BlueKeep</a> <a href="/tags/Windows提权/" style="font-size: 15px;">Windows Privilege Escalation</a> <a href="/tags/Forcepoint-VPN/" style="font-size: 15px;">Forcepoint VPN</a> <a href="/tags/DLL-Hijacking/" style="font-size: 15px;">DLL Hijacking</a> <a href="/tags/Potato/" style="font-size: 15px;">Potato</a> <a href="/tags/FastJson/" style="font-size: 15px;">FastJson</a> <a href="/tags/JNDI/" style="font-size: 15px;">JNDI</a> <a href="/tags/代码审计/" style="font-size: 15px;">Code Audit</a> <a href="/tags/Java反射/" style="font-size: 15px;">Java Reflection</a> <a href="/tags/n1ctf-pentest/" style="font-size: 15px;">n1ctf-pentest</a> <a 
href="/tags/metasploit/" style="font-size: 15px;">metasploit</a> <a href="/tags/SQLi/" style="font-size: 15px;">SQLi</a> <a href="/tags/Bypass-CDN/" style="font-size: 15px;">Bypass CDN</a> <a href="/tags/内网渗透/" style="font-size: 15px;">Intranet Penetration</a> <a href="/tags/iSoonLab-org/" style="font-size: 15px;">iSoonLab.org</a> <a href="/tags/proc/" style="font-size: 15px;">proc</a> <a href="/tags/ClassLoader/" style="font-size: 15px;">ClassLoader</a> <a href="/tags/反序列化/" style="font-size: 15px;">Deserialization</a> <a href="/tags/SQL注入/" style="font-size: 15px;">SQL Injection</a> <a href="/tags/RMI/" style="font-size: 15px;">RMI</a> <a href="/tags/Struts2/" style="font-size: 15px;">Struts2</a> <a href="/tags/Commons-Collections/" style="font-size: 15px;">Commons-Collections</a> <a href="/tags/Jackson/" style="font-size: 15px;">Jackson</a> <a href="/tags/文件上传/" style="font-size: 15px;">File Upload</a> <a href="/tags/威胁情报/" style="font-size: 15px;">Threat Intelligence</a> <a href="/tags/Git/" style="font-size: 15px;">Git</a> <a href="/tags/DotNet/" style="font-size: 15px;">DotNet</a> <a href="/tags/命令执行/" style="font-size: 15px;">Command Execution</a></div></div><div class="widget"><div class="widget-title"><i class="fa fa-external-link"> Friend Links</i></div><ul></ul><a href="https://balis0ng.com" title="balis0ng" target="_blank">balis0ng</a><ul></ul><a href="https://evi1cg.me/" title="evi1cg's Blog" target="_blank">evi1cg's Blog</a><ul></ul><a href="http://hpdoger.cn" title="Hpdoger" target="_blank">Hpdoger</a><ul></ul><a href="http://0day.design" title="Passer6y" target="_blank">Passer6y</a><ul></ul><a href="http://adm1n.design" title="Hu3sky" target="_blank">Hu3sky</a><ul></ul><a href="http://0xa1paca.top" title="0xa1paca" target="_blank">0xa1paca</a><ul></ul><a href="http://noel.xin/" title="Noel's Blog" target="_blank">Noel's Blog</a><ul></ul><a href="https://www.0akarma.com" title="0aKarmA" target="_blank">0aKarmA</a><ul></ul><a href="https://www.cnblogs.com/H4lo" title="H4lo" target="_blank">H4lo</a><ul></ul><a 
href="https://www.kingkk.com/" title="Kingkk's Blog" target="_blank">Kingkk's Blog</a><ul></ul><a href="http://blog.leanote.com/snowming" title="Snowming" target="_blank">Snowming</a><ul></ul><a href="http://r3start.net/" title="R3start" target="_blank">R3start</a><ul></ul><a href="https://zgao.top" title="zgao" target="_blank">zgao</a><ul></ul><a href="https://b1eed.github.io/" title="1x2Bytes" target="_blank">1x2Bytes</a><ul></ul><a href="http://www.free04k.cn/" title="free04k" target="_blank">free04k</a><ul></ul><a href="http://hl0rey.github.io/" title="hl0rey" target="_blank">hl0rey</a></div></div></div><div class="pure-u-1 pure-u-md-3-4"><div id="footer">Copyright © 2020 <a href="/." rel="nofollow">Patrilic's blog.</a> Powered by<a rel="nofollow" target="_blank" href="https://hexo.io"> Hexo.</a><a rel="nofollow" target="_blank" href="https://github.com/tufu9441/maupassant-hexo"> Theme</a> by<a rel="nofollow" target="_blank" href="https://github.com/pagecho"> Cho.</a></div></div></div><a class="show" id="rocket" href="#top"></a><script type="text/javascript" src="/js/totop.js?v=0.0.0" async></script><script type="text/javascript" src="//lib.baomitu.com/fancybox/3.5.7/jquery.fancybox.min.js" async></script><script type="text/javascript" src="/js/fancybox.js?v=0.0.0" async></script><link rel="stylesheet" type="text/css" href="//lib.baomitu.com/fancybox/3.5.7/jquery.fancybox.min.css"><script type="text/javascript" src="/js/codeblock-resizer.js?v=0.0.0"></script><script type="text/javascript" src="/js/smartresize.js?v=0.0.0"></script></div><script src="/live2dw/lib/L2Dwidget.min.js?094cbace49a39548bed64abff5988b05"></script><script>L2Dwidget.init({"pluginRootPath":"live2dw/","pluginJsPath":"lib/","pluginModelPath":"assets/","model":{"jsonPath":"/live2dw/assets/koharu.model.json"},"display":{"position":"right","width":150,"height":300},"mobile":{"show":true},"log":false,"tagMode":false});</script></body></html>