The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment where there are arbitrary file uploads, and then use the `scan` attribute in the loghack configuration file to cooperate with the logback vulnerability to implement RCE.
☆86Dec 14, 2021Updated 4 years ago
Alternatives and similar repositories for logbackRceDemo
Users that are interested in logbackRceDemo are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Apache Dubbo漏洞测试Demo及其POC☆64Mar 27, 2023Updated 3 years ago
- ☆296May 7, 2022Updated 3 years ago
- My CodeQL queries collection☆99Aug 28, 2023Updated 2 years ago
- Intentionally Vulnerable to Spring4Shell☆52Apr 1, 2022Updated 4 years ago
- 利用链、漏洞检测工具☆375Jul 31, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆21Oct 7, 2022Updated 3 years ago
- 检测目标Mysql数据库是不是蜜罐☆127Feb 23, 2021Updated 5 years ago
- Java安全路上的学习笔记☆85Feb 24, 2023Updated 3 years ago
- Java反序列化漏洞利用链补全计划,仅用于个人归纳总结。☆420Dec 3, 2021Updated 4 years ago
- Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK☆49Jan 7, 2024Updated 2 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆713May 10, 2021Updated 4 years ago
- ☆91Mar 9, 2022Updated 4 years ago
- Use java instrument API without JAR file☆46Jun 19, 2022Updated 3 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- 收集了java XXE漏洞的demo及修复方式☆19Mar 11, 2024Updated 2 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆311Jun 17, 2022Updated 3 years ago
- 注入JVM进程 动态获取目标进程连接的数据库☆343Mar 6, 2022Updated 4 years ago
- ☆21Mar 25, 2022Updated 4 years ago
- CodeQL 寻找 JNDI利用 Lookup接口☆166Apr 10, 2022Updated 4 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…☆53Jun 6, 2021Updated 4 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Codeql学习笔记☆903Apr 25, 2022Updated 3 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 5 years ago
- 恶意软件容器靶机☆107Mar 4, 2021Updated 5 years ago
- 🕳️ Proof of Concept exploits and their descriptions for various products☆25Nov 12, 2024Updated last year
- CodeQL Java 全网最全的中文学习资料☆798Mar 18, 2022Updated 4 years ago
- ☆84Nov 20, 2021Updated 4 years ago
- Fastjson姿势技巧集合☆1,839Oct 20, 2023Updated 2 years ago
- Windows杀软对比和补丁号对比☆57Oct 28, 2019Updated 6 years ago
- springboot getRequestURI acl bypass☆37Oct 13, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆123Jun 7, 2023Updated 2 years ago
- 一个简单的现代化公司域名使用规律预测及生成工具☆389Feb 24, 2022Updated 4 years ago
- A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key …☆269Oct 17, 2025Updated 5 months ago
- java 漏洞平台包含各种CVE☆23Jun 17, 2022Updated 3 years ago
- ☆232Jan 3, 2022Updated 4 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- Rust 重构的 sRDI☆18Sep 9, 2024Updated last year