##利用条件
- fastjson版本: 1.2.76 <= fastjson < 1.2.83
- 存在groovy依赖
##复现步骤 1.编译attack 模块为 attack-1.jar包
2.在attack-1.jar包所在的目录下执行启用http服务。
python -m SimpleHTTPServer 8433
3.运行poc
-
Notifications
You must be signed in to change notification settings - Fork 24
Lonely-night/fastjsonVul
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
fastjson 80 远程代码执行漏洞复现
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published