此漏洞为Xxljob配置不当情况下反序列化RCE
XxlJob<=2.1.2,需要利用Hessian触发。
XxlJob >= 2.2.0 会支持RESTFUL API,直接打公开的POC过去即可。
该项目主要是探讨Hessian触发方式。
-
Notifications
You must be signed in to change notification settings - Fork 6
OneSourceCat/XxlJob-Hessian-RCE
About
XxlJob<=2.1.2配置不当情况下反序列化RCE
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published