Principle analysis of JAVA deserialization vulnerability

Principle analysis of deserialization vulnerability. Start with serialization and deserialization. What are serialization and deserialization? In short, serialization is the process of converting an object into a byte sequence (that is, a form that can be stored or transmitted), while deserialization is its inverse operation, that is, the pro ...

Added by ShaileshD on Tue, 12 Oct 2021 08:44:30 +0300

Security vulnerability analysis of Weblogic12c T3 protocol

Preface. WebLogic is an application server produced by the American company Oracle, specifically middleware based on the Java EE architecture. This Java application server is mainly used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications. In recent years, many RCE vulnerabilitie ...

Added by chriscloyd on Sat, 02 Oct 2021 21:53:28 +0300

ctfhub skill tree WEB(SQL injection and file upload)

Injection. 1. Determine injection type: 1 and 1=1 gives normal output; 1 and 1=2 gives no output (numeric injection). 2. Guess the number of fields: 1 order by 2, page echo normal; 1 order by 3, page no echo; the number of fields is 2. 3. View display bit: -1 union select 1,2; the display bit is Data. 4. View data ...

Added by tharagleb on Tue, 21 Sep 2021 22:15:36 +0300