spring boot upload file lead to rce tricks:spring boot Fat Jar 应用文件上传漏洞到 RCE 的利用
spring-boot-upload-file-lead-to-rce-tricks 一. docker 漏洞环境搭建 docker pull landgrey/spring-boot-fat-jar-write-file-rce:1.2 docker run -d -p 18081:18081 landgrey/spring-boot-fat-jar-write-file-rce:1.2 完成后访问 二. 相关文章 三. 常见 JDK 目录收集 欢迎提 issue 补充:clapping_hands:~ /usr/lib/jvm/java-8-oracle/jre/lib/ /usr/lib/jvm/java-1.8-openjdk/jre/lib/ /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/ 四. docker 漏洞环境的功能 文件上传功能 (默认上传到 /tmp/ 目录,
文件列表
spring-boot-upload-file-lead-to-rce-tricks-main.zip
(预估有个27文件)
spring-boot-upload-file-lead-to-rce-tricks-main
.gitignore
401B
fatJarWriteFileRCE
src
main
resources
templates
uploadStatus.html
185B
index.html
1KB
upload.html
545B
暂无评论