所有系列 - Y4er的博客

所有系列

Windows协议 ¹⁴

Kerberos Bronze Bit Attack 绕过约束委派限制

XXE到域控复现(基于资源的约束委派)

Kerberos协议之基于资源的约束委派

Kerberos协议之约束委派

Kerberos协议之非约束委派

Weblogic ¹⁰

WebLogic CVE-2020-14756 T3/IIOP 反序列化RCE

WebLogic CVE-2021-2109 JNDI RCE

Weblogic CVE-2020-14645

Weblogic CVE-2020-2555 反序列化RCE EXP构造

Weblogic CVE-2020-2551 IIOP协议反序列化RCE

vmware ⁸

VMware VRealize Network Insight 命令注入和目录穿越及补丁绕过

VMware vROPS RCE of java bean

VMware vROPS 文件读取到反序列化RCE

Apache Geode/VMware GemFire Deserialize RCE

CVE-2022-22955 VMware Workspace ONE Access OAuth2TokenResourceController Auth Bypass

ManageEngine ⁵

CVE-2022-36923 ManageEngine OpManager getUserAPIKey Authentication Bypass

CVE-2022-35405 Zoho Password Manager Pro XML-RPC RCE

CVE-2022-28219 Zoho ManageEngine ADAudit Plus XXE到RCE

CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Pre-Auth RCE

CVE-2020-10189 Zoho ManageEngine Desktop Central反序列化RCE

SolarWinds ⁴

CVE-2021-35218 SolarWinds PM Chart端点RCE

CVE-2021-35216 SolarWinds PM EditTopXX.aspx RCE

CVE-2021-35217 SolarWinds PM WSAsyncExecuteTasks RCE

CVE-2021-35215 SolarWinds ActionPluginBaseView RCE

ThinkPHP ⁴

Thinkphp 源码阅读

Thinkphp5 RCE总结

Thinkphp3 漏洞总结

Thinkphp错误使用Upload类导致getshell

fastjson ³

fastjson 1.2.80 漏洞分析

fastjson 1.2.68 bypass autotype

Fastjson 反序列化RCE分析

Veeam ³

CVE-2023-27532 Veeam Backup & Replication leaked credentials

CVE-2022-26503 Veeam Agent for Microsoft Windows LPE

CVE-2022-26500 Veeam Backup & Replication RCE

静态软件分析 ³

Java静态分析框架Tai-e的简单使用

Doop学习 part 1

ByteCodeDL 学习