lca

真正的不自由，是在自己的心中设下牢笼。

fastjson 80 remote code execution vulnerability reproduction

Apr 17, 2023315

AI Translation

This post is translated from Chinese into English through AI.View Original

AI-generated summary

The article discusses the exploitation process of a vulnerability in fastjson, without delving into the details of the vulnerability itself. The author provides a link to the project on GitHub and notes that the exploit requires fastjson version 1.2.76. The article also includes an image from a website.

Familiarized myself with the vulnerability exploitation process of fastjson. The vulnerability principle of fastjson is not covered here. Although there are many explanations of the principle online, they are too basic and simple, so no one has written about it. I also had to explore it for a while.

Project Address#

GitHub - Lonely-night/fastjsonVul at 7f9d2d8ea1c27ae1f9c06076849ae76c25b6aff7

Exploitation Conditions#

fastjson version: 1.2.76 <= fastjson < 1.2.83
groovy dependency exists

Reproduction Steps#

Compile the attack module into attack-1.jar package.

Execute the HTTP service in the directory where attack-1.jar package is located.

python -m SimpleHTTPServer 8433

Run the POC.

Reopen the project using IntelliJ IDEA, project path:

Switch JDK version to 1.8

Open the poc.java file, which is the payload for vulnerability verification.

Right-click and run.

Successfully run the payload.

The article is rough, please forgive me.

Image source: https://wallhaven.cc/

Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.

Blockchain ID
#53657-9
Owner
0x0bd0c6639592f2265c3dcd019be4fe39e5b00428
Transaction Hash
Creation 0x0c7ca68d...a7f5d5615e Last Update 0x0c7ca68d...a7f5d5615e
IPFS Address
ipfs://bafkreifzrq7v5fjl3fof3rskkb6uhyotzbfv7h5trxhajg6uxbogbidyj4