lca

True lack of freedom is the cage you build in your own heart.

fastjson 80 Remote Code Execution Vulnerability Reproduction

I familiarized myself with the vulnerability exploitation process of fastjson. The vulnerability principle of fastjson is not covered here. Although there are many explanations online, they are too basic and simple, and no one has written about it. I had to figure it out on my own.

Project Address

GitHub - Lonely-night/fastjsonVul at 7f9d2d8ea1c27ae1f9c06076849ae76c25b6aff7

Exploitation Conditions

  • fastjson version: 1.2.76 <= fastjson < 1.2.83
  • Requires groovy dependency
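
Both conditions above can be checked against an application's dependency directory. The following Python check is an added example, not part of the original post or the linked project; the function names are hypothetical and the jar file names are constructed samples.

```python
import re
from pathlib import PurePosixPath

# Range stated in the post: 1.2.76 <= fastjson < 1.2.83
LOW, HIGH = (1, 2, 76), (1, 2, 83)

# Matches artifact-version[suffix].jar, e.g. fastjson-1.2.80.jar, groovy-all-2.4.21.jar
JAR_RE = re.compile(r"^(?P<name>[A-Za-z][\w.-]*?)-(?P<ver>\d+(?:\.\d+)*)[\w.-]*\.jar$")


def parse_jar(path):
    """Return (artifact, version_tuple), or None if the file name carries no version."""
    m = JAR_RE.match(PurePosixPath(path).name)
    if not m:
        return None
    version = tuple(int(part) for part in m.group("ver").split("."))
    return m.group("name").lower(), version


def assess(jar_paths):
    """Check both exploitation conditions from the post against a list of jar paths."""
    fastjson, groovy = [], []
    for path in jar_paths:
        parsed = parse_jar(path)
        if parsed is None:
            continue
        name, version = parsed
        # "fastjson2" is a different artifact and is deliberately not matched here.
        if name == "fastjson" and LOW <= version < HIGH:
            fastjson.append(path)
        elif name == "groovy" or name.startswith("groovy-"):
            groovy.append(path)
    return {
        "fastjson_in_range": fastjson,
        "groovy_present": groovy,
        "both_conditions_met": bool(fastjson and groovy),
    }


# Constructed sample: file names as they might appear under WEB-INF/lib
SAMPLE_LIB = [
    "WEB-INF/lib/fastjson-1.2.80.jar",
    "WEB-INF/lib/groovy-3.0.9.jar",
    "WEB-INF/lib/spring-core-5.3.20.jar",
]

if __name__ == "__main__":
    print(assess(SAMPLE_LIB))
```

Matching on file names misses shaded or repackaged copies of fastjson inside fat jars, so treat a negative result as a first pass only.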

Reproduction Steps

  1. Compile the attack module into attack-1.jar package.

  2. Start an HTTP server in the directory that contains the attack-1.jar package.

python -m SimpleHTTPServer 8433

  3. Run the proof of concept (PoC).

Reopen the project using IntelliJ IDEA. Project path:

[Screenshot: project path in IntelliJ IDEA]

Switch the JDK version to 1.8.

Open the poc.java file, which contains the payload for vulnerability verification.

Right-click and run.

The payload runs successfully.

The article is rough, please forgive me.

Image source: https://wallhaven.cc/
