René's URL Explorer Experiment


Title: GitHub - sofunc/SpringBootVulExploit: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list

Open Graph Title: GitHub - sofunc/SpringBootVulExploit: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list

X Title: GitHub - sofunc/SpringBootVulExploit: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list

Description: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list. Contribute to sofunc/SpringBootVulExploit development by creating an account on GitHub.

Open Graph Description: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list. Contribute to sofunc/SpringBootVulExploit development by creating an account on GitHub.

X Description: SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list. Contribute to sofunc/SpringBootVulExploit development by creating an account on GitHub.

Opengraph URL: https://github.com/sofunc/SpringBootVulExploit

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern/:user_id/:repository
route-controllerfiles
route-actiondisambiguate
fetch-noncev2:70fd24f3-49b3-f437-9e89-b898b1959d69
current-catalog-service-hashf3abb0cc802f3d7b95fc8762b94bdcb13bf39634c40c357301c4aa1d67a256fb
request-idE93C:2A1C7B:30CEA1:45BF60:696F9A24
html-safe-nonced4e6256943242baf851dd5cbb8e453a7f3b6d6a8becbb7a12209a9a58b310da7
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFOTNDOjJBMUM3QjozMENFQTE6NDVCRjYwOjY5NkY5QTI0IiwidmlzaXRvcl9pZCI6IjcwMjAyNjk5MTcwNTUxOTU2ODQiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ==
visitor-hmacab1636f599efc1de9cda29036fe275cebc43ac2a864898b765beb62c03883d2b
hovercard-subject-tagrepository:645701779
github-keyboard-shortcutsrepository,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location//
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/sofunc/SpringBootVulExploit
twitter:imagehttps://opengraph.githubassets.com/045b06559cebfbfed601fb753ee009a2d4cf251ac3ed22e9cf3bd83431c4dcd4/sofunc/SpringBootVulExploit
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/045b06559cebfbfed601fb753ee009a2d4cf251ac3ed22e9cf3bd83431c4dcd4/sofunc/SpringBootVulExploit
og:image:altSpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list. Contribute to sofunc/SpringBootVulExploit development by creating an account on GitHub.
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None0ca8d8c65612640b9a1a588b3eed68222ca723ed2d028b18fe81b28936d535eb
turbo-cache-controlno-preview
go-importgithub.com/sofunc/SpringBootVulExploit git https://github.com/sofunc/SpringBootVulExploit.git
octolytics-dimension-user_id49566963
octolytics-dimension-user_loginsofunc
octolytics-dimension-repository_id645701779
octolytics-dimension-repository_nwosofunc/SpringBootVulExploit
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forktrue
octolytics-dimension-repository_parent_id265513067
octolytics-dimension-repository_parent_nwoLandGrey/SpringBootVulExploit
octolytics-dimension-repository_network_root_id265513067
octolytics-dimension-repository_network_root_nwoLandGrey/SpringBootVulExploit
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release95f60616ce2765d1114fe6da4af405a58c6d26d2
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#start-of-content
https://patch-diff.githubusercontent.com/
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fsofunc%2FSpringBootVulExploit
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub SparkBuild and deploy intelligent appshttps://github.com/features/spark
GitHub ModelsManage and compare promptshttps://github.com/features/models
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fsofunc%2FSpringBootVulExploit
Sign up https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E&source=header-repo&source_repo=sofunc%2FSpringBootVulExploit
Reloadhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Reloadhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Reloadhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
sofunc https://patch-diff.githubusercontent.com/sofunc
SpringBootVulExploithttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
LandGrey/SpringBootVulExploithttps://patch-diff.githubusercontent.com/LandGrey/SpringBootVulExploit
Notifications https://patch-diff.githubusercontent.com/login?return_to=%2Fsofunc%2FSpringBootVulExploit
Fork 0 https://patch-diff.githubusercontent.com/login?return_to=%2Fsofunc%2FSpringBootVulExploit
Star 0 https://patch-diff.githubusercontent.com/login?return_to=%2Fsofunc%2FSpringBootVulExploit
0 stars https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/stargazers
1.3k forks https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/forks
Branches https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/branches
Tags https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tags
Activity https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/activity
Star https://patch-diff.githubusercontent.com/login?return_to=%2Fsofunc%2FSpringBootVulExploit
Notifications https://patch-diff.githubusercontent.com/login?return_to=%2Fsofunc%2FSpringBootVulExploit
Code https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Pull requests 0 https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/pulls
Actions https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/actions
Projects 0 https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/projects
Security Uh oh! There was an error while loading. Please reload this page. https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/security
Please reload this pagehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Insights https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/pulse
Code https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Pull requests https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/pulls
Actions https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/actions
Projects https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/projects
Security https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/security
Insights https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/pulse
Brancheshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/branches
Tagshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tags
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/branches
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tags
27 Commitshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/commits/master/
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/commits/master/
codebasehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tree/master/codebase
codebasehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tree/master/codebase
repositoryhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tree/master/repository
repositoryhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/tree/master/repository
.gitignorehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/blob/master/.gitignore
.gitignorehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/blob/master/.gitignore
README.mdhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/blob/master/README.md
README.mdhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/blob/master/README.md
READMEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-boot-vulnerability-exploit-check-list
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#声明
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#目录
Spring Boot Vulnerability Exploit Check Listhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-boot-vulnerability-exploit-check-list
零:路由和版本https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E9%9B%B6%E8%B7%AF%E7%94%B1%E5%92%8C%E7%89%88%E6%9C%AC
0x01:路由知识https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01%E8%B7%AF%E7%94%B1%E7%9F%A5%E8%AF%86
0x02:版本知识https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02%E7%89%88%E6%9C%AC%E7%9F%A5%E8%AF%86
组件版本的相互依赖关系:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E7%BB%84%E4%BB%B6%E7%89%88%E6%9C%AC%E7%9A%84%E7%9B%B8%E4%BA%92%E4%BE%9D%E8%B5%96%E5%85%B3%E7%B3%BB
Spring Cloud 与 Spring Boot 版本之间的依赖关系:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-cloud-%E4%B8%8E-spring-boot-%E7%89%88%E6%9C%AC%E4%B9%8B%E9%97%B4%E7%9A%84%E4%BE%9D%E8%B5%96%E5%85%B3%E7%B3%BB
Spring Cloud 小版本号的后缀及含义:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-cloud-%E5%B0%8F%E7%89%88%E6%9C%AC%E5%8F%B7%E7%9A%84%E5%90%8E%E7%BC%80%E5%8F%8A%E5%90%AB%E4%B9%89
一:信息泄露https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E4%B8%80%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2
0x01:路由地址及接口调用详情泄漏https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01%E8%B7%AF%E7%94%B1%E5%9C%B0%E5%9D%80%E5%8F%8A%E6%8E%A5%E5%8F%A3%E8%B0%83%E7%94%A8%E8%AF%A6%E6%83%85%E6%B3%84%E6%BC%8F
0x02:配置不当而暴露的路由https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02%E9%85%8D%E7%BD%AE%E4%B8%8D%E5%BD%93%E8%80%8C%E6%9A%B4%E9%9C%B2%E7%9A%84%E8%B7%AF%E7%94%B1
0x03:获取被星号脱敏的密码的明文 (方法一)https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x03%E8%8E%B7%E5%8F%96%E8%A2%AB%E6%98%9F%E5%8F%B7%E8%84%B1%E6%95%8F%E7%9A%84%E5%AF%86%E7%A0%81%E7%9A%84%E6%98%8E%E6%96%87-%E6%96%B9%E6%B3%95%E4%B8%80
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95
步骤一: 找到想要获取的属性名https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80-%E6%89%BE%E5%88%B0%E6%83%B3%E8%A6%81%E8%8E%B7%E5%8F%96%E7%9A%84%E5%B1%9E%E6%80%A7%E5%90%8D
步骤二: jolokia 调用相关 Mbean 获取明文https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C-jolokia-%E8%B0%83%E7%94%A8%E7%9B%B8%E5%85%B3-mbean-%E8%8E%B7%E5%8F%96%E6%98%8E%E6%96%87
0x04:获取被星号脱敏的密码的明文 (方法二)https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x04%E8%8E%B7%E5%8F%96%E8%A2%AB%E6%98%9F%E5%8F%B7%E8%84%B1%E6%95%8F%E7%9A%84%E5%AF%86%E7%A0%81%E7%9A%84%E6%98%8E%E6%96%87-%E6%96%B9%E6%B3%95%E4%BA%8C
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-1
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-1
步骤一: 找到想要获取的属性名https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80-%E6%89%BE%E5%88%B0%E6%83%B3%E8%A6%81%E8%8E%B7%E5%8F%96%E7%9A%84%E5%B1%9E%E6%80%A7%E5%90%8D-1
步骤二: 使用 nc 监听 HTTP 请求https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C-%E4%BD%BF%E7%94%A8-nc-%E7%9B%91%E5%90%AC-http-%E8%AF%B7%E6%B1%82
步骤三: 设置 eureka.client.serviceUrl.defaultZone 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89-%E8%AE%BE%E7%BD%AE-eurekaclientserviceurldefaultzone-%E5%B1%9E%E6%80%A7
步骤四: 刷新配置https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B-%E5%88%B7%E6%96%B0%E9%85%8D%E7%BD%AE
步骤五: 解码属性值https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%94-%E8%A7%A3%E7%A0%81%E5%B1%9E%E6%80%A7%E5%80%BC
0x05:获取被星号脱敏的密码的明文 (方法三)https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x05%E8%8E%B7%E5%8F%96%E8%A2%AB%E6%98%9F%E5%8F%B7%E8%84%B1%E6%95%8F%E7%9A%84%E5%AF%86%E7%A0%81%E7%9A%84%E6%98%8E%E6%96%87-%E6%96%B9%E6%B3%95%E4%B8%89
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-2
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-2
步骤一: 找到想要获取的属性名https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80-%E6%89%BE%E5%88%B0%E6%83%B3%E8%A6%81%E8%8E%B7%E5%8F%96%E7%9A%84%E5%B1%9E%E6%80%A7%E5%90%8D-2
步骤二: 使用 nc 监听 HTTP 请求https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C-%E4%BD%BF%E7%94%A8-nc-%E7%9B%91%E5%90%AC-http-%E8%AF%B7%E6%B1%82-1
步骤三: 触发对外 http 请求https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89-%E8%A7%A6%E5%8F%91%E5%AF%B9%E5%A4%96-http-%E8%AF%B7%E6%B1%82
步骤四: 刷新配置https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B-%E5%88%B7%E6%96%B0%E9%85%8D%E7%BD%AE-1
0x06:获取被星号脱敏的密码的明文 (方法四)https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x06%E8%8E%B7%E5%8F%96%E8%A2%AB%E6%98%9F%E5%8F%B7%E8%84%B1%E6%95%8F%E7%9A%84%E5%AF%86%E7%A0%81%E7%9A%84%E6%98%8E%E6%96%87-%E6%96%B9%E6%B3%95%E5%9B%9B
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-3
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-3
步骤一: 找到想要获取的属性名https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80-%E6%89%BE%E5%88%B0%E6%83%B3%E8%A6%81%E8%8E%B7%E5%8F%96%E7%9A%84%E5%B1%9E%E6%80%A7%E5%90%8D-3
步骤二: 下载 jvm heap 信息https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C-%E4%B8%8B%E8%BD%BD-jvm-heap-%E4%BF%A1%E6%81%AF
步骤三: 使用 MAT 获得 jvm heap 中的密码明文https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89-%E4%BD%BF%E7%94%A8-mat-%E8%8E%B7%E5%BE%97-jvm-heap-%E4%B8%AD%E7%9A%84%E5%AF%86%E7%A0%81%E6%98%8E%E6%96%87
二:远程代码执行https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E4%BA%8C%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C
0x01:whitelabel error page SpEL RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01whitelabel-error-page-spel-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-4
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-4
步骤一:找到一个正常传参处https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%89%BE%E5%88%B0%E4%B8%80%E4%B8%AA%E6%AD%A3%E5%B8%B8%E4%BC%A0%E5%8F%82%E5%A4%84
步骤二:执行 SpEL 表达式https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E6%89%A7%E8%A1%8C-spel-%E8%A1%A8%E8%BE%BE%E5%BC%8F
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83
0x02:spring cloud SnakeYAML RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02spring-cloud-snakeyaml-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-5
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-5
步骤一: 托管 yml 和 jar 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80-%E6%89%98%E7%AE%A1-yml-%E5%92%8C-jar-%E6%96%87%E4%BB%B6
步骤二: 设置 spring.cloud.bootstrap.location 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C-%E8%AE%BE%E7%BD%AE-springcloudbootstraplocation-%E5%B1%9E%E6%80%A7
步骤三: 刷新配置https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89-%E5%88%B7%E6%96%B0%E9%85%8D%E7%BD%AE
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-1
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-1
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-1
0x03:eureka xstream deserialization RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x03eureka-xstream-deserialization-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-6
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-6
步骤一:架设响应恶意 XStream payload 的网站https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%9E%B6%E8%AE%BE%E5%93%8D%E5%BA%94%E6%81%B6%E6%84%8F-xstream-payload-%E7%9A%84%E7%BD%91%E7%AB%99
步骤二:监听反弹 shell 的端口https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E7%9B%91%E5%90%AC%E5%8F%8D%E5%BC%B9-shell-%E7%9A%84%E7%AB%AF%E5%8F%A3
步骤三:设置 eureka.client.serviceUrl.defaultZone 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E8%AE%BE%E7%BD%AE-eurekaclientserviceurldefaultzone-%E5%B1%9E%E6%80%A7
步骤四:刷新配置https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E5%88%B7%E6%96%B0%E9%85%8D%E7%BD%AE
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-2
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-2
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-2
0x04:jolokia logback JNDI RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x04jolokia-logback-jndi-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-7
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-7
步骤一:查看已存在的 MBeanshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%9F%A5%E7%9C%8B%E5%B7%B2%E5%AD%98%E5%9C%A8%E7%9A%84-mbeans
步骤二:托管 xml 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E6%89%98%E7%AE%A1-xml-%E6%96%87%E4%BB%B6
步骤三:准备要执行的 Java 代码https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E5%87%86%E5%A4%87%E8%A6%81%E6%89%A7%E8%A1%8C%E7%9A%84-java-%E4%BB%A3%E7%A0%81
步骤四:架设恶意 ldap 服务https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E6%9E%B6%E8%AE%BE%E6%81%B6%E6%84%8F-ldap-%E6%9C%8D%E5%8A%A1
步骤五:监听反弹 shell 的端口https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%94%E7%9B%91%E5%90%AC%E5%8F%8D%E5%BC%B9-shell-%E7%9A%84%E7%AB%AF%E5%8F%A3
步骤六:从外部 URL 地址加载日志配置文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%85%AD%E4%BB%8E%E5%A4%96%E9%83%A8-url-%E5%9C%B0%E5%9D%80%E5%8A%A0%E8%BD%BD%E6%97%A5%E5%BF%97%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-3
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-3
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-3
0x05:jolokia Realm JNDI RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x05jolokia-realm-jndi-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-8
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-8
步骤一:查看已存在的 MBeanshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%9F%A5%E7%9C%8B%E5%B7%B2%E5%AD%98%E5%9C%A8%E7%9A%84-mbeans-1
步骤二:准备要执行的 Java 代码https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E5%87%86%E5%A4%87%E8%A6%81%E6%89%A7%E8%A1%8C%E7%9A%84-java-%E4%BB%A3%E7%A0%81
步骤三:托管 class 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E6%89%98%E7%AE%A1-class-%E6%96%87%E4%BB%B6
步骤四:架设恶意 rmi 服务https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E6%9E%B6%E8%AE%BE%E6%81%B6%E6%84%8F-rmi-%E6%9C%8D%E5%8A%A1
步骤五:监听反弹 shell 的端口https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%94%E7%9B%91%E5%90%AC%E5%8F%8D%E5%BC%B9-shell-%E7%9A%84%E7%AB%AF%E5%8F%A3-1
步骤六:发送恶意 payloadhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%85%AD%E5%8F%91%E9%80%81%E6%81%B6%E6%84%8F-payload
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-4
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-4
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-4
0x06:restart h2 database query RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x06restart-h2-database-query-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-9
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-9
步骤一:设置 spring.datasource.hikari.connection-test-query 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E8%AE%BE%E7%BD%AE-springdatasourcehikariconnection-test-query-%E5%B1%9E%E6%80%A7
步骤二:重启应用https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E9%87%8D%E5%90%AF%E5%BA%94%E7%94%A8
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-5
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-5
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-5
0x07:h2 database console JNDI RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x07h2-database-console-jndi-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-10
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-10
步骤一:访问路由获得 jsessionidhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E8%AE%BF%E9%97%AE%E8%B7%AF%E7%94%B1%E8%8E%B7%E5%BE%97-jsessionid
步骤二:准备要执行的 Java 代码https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E5%87%86%E5%A4%87%E8%A6%81%E6%89%A7%E8%A1%8C%E7%9A%84-java-%E4%BB%A3%E7%A0%81-1
步骤三:托管 class 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E6%89%98%E7%AE%A1-class-%E6%96%87%E4%BB%B6-1
步骤四:架设恶意 ldap 服务https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E6%9E%B6%E8%AE%BE%E6%81%B6%E6%84%8F-ldap-%E6%9C%8D%E5%8A%A1-1
步骤五:监听反弹 shell 的端口https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%94%E7%9B%91%E5%90%AC%E5%8F%8D%E5%BC%B9-shell-%E7%9A%84%E7%AB%AF%E5%8F%A3-2
步骤六:发包触发 JNDI 注入https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%85%AD%E5%8F%91%E5%8C%85%E8%A7%A6%E5%8F%91-jndi-%E6%B3%A8%E5%85%A5
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-6
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-6
0x08:mysql jdbc deserialization RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x08mysql-jdbc-deserialization-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-11
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-11
步骤一:查看环境依赖https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%9F%A5%E7%9C%8B%E7%8E%AF%E5%A2%83%E4%BE%9D%E8%B5%96
步骤二:架设恶意 rogue mysql serverhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E6%9E%B6%E8%AE%BE%E6%81%B6%E6%84%8F-rogue-mysql-server
步骤三:设置 spring.datasource.url 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E8%AE%BE%E7%BD%AE-springdatasourceurl-%E5%B1%9E%E6%80%A7
步骤四:刷新配置https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E5%88%B7%E6%96%B0%E9%85%8D%E7%BD%AE-1
步骤五:触发数据库查询https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%94%E8%A7%A6%E5%8F%91%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9F%A5%E8%AF%A2
步骤六:恢复正常 jdbc urlhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%85%AD%E6%81%A2%E5%A4%8D%E6%AD%A3%E5%B8%B8-jdbc-url
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-6
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-7
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-7
0x09:restart logging.config logback JNDI RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x09restart-loggingconfig-logback-jndi-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-12
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-12
步骤一:托管 xml 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%89%98%E7%AE%A1-xml-%E6%96%87%E4%BB%B6
步骤二:托管恶意 ldap 服务及代码https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E6%89%98%E7%AE%A1%E6%81%B6%E6%84%8F-ldap-%E6%9C%8D%E5%8A%A1%E5%8F%8A%E4%BB%A3%E7%A0%81
步骤三:设置 logging.config 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E8%AE%BE%E7%BD%AE-loggingconfig-%E5%B1%9E%E6%80%A7
步骤四:重启应用https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E5%9B%9B%E9%87%8D%E5%90%AF%E5%BA%94%E7%94%A8
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-7
漏洞分析:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90-8
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-8
0x0A:restart logging.config groovy RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0arestart-loggingconfig-groovy-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-13
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-13
步骤一:托管 groovy 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%89%98%E7%AE%A1-groovy-%E6%96%87%E4%BB%B6
步骤二:设置 logging.config 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E8%AE%BE%E7%BD%AE-loggingconfig-%E5%B1%9E%E6%80%A7
步骤三:重启应用https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E9%87%8D%E5%90%AF%E5%BA%94%E7%94%A8
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-8
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-9
0x0B:restart spring.main.sources groovy RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0brestart-springmainsources-groovy-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-14
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-14
步骤一:托管 groovy 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%89%98%E7%AE%A1-groovy-%E6%96%87%E4%BB%B6-1
步骤二:设置 spring.main.sources 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E8%AE%BE%E7%BD%AE-springmainsources-%E5%B1%9E%E6%80%A7
步骤三:重启应用https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E9%87%8D%E5%90%AF%E5%BA%94%E7%94%A8-1
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-9
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-10
0x0C:restart spring.datasource.data h2 database RCEhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0crestart-springdatasourcedata-h2-database-rce
利用条件:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%9D%A1%E4%BB%B6-15
利用方法:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95-15
步骤一:托管 sql 文件https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%80%E6%89%98%E7%AE%A1-sql-%E6%96%87%E4%BB%B6
步骤二:设置 spring.datasource.data 属性https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%BA%8C%E8%AE%BE%E7%BD%AE-springdatasourcedata-%E5%B1%9E%E6%80%A7
步骤三:重启应用https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%AD%A5%E9%AA%A4%E4%B8%89%E9%87%8D%E5%90%AF%E5%BA%94%E7%94%A8-2
漏洞原理:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E5%8E%9F%E7%90%86-10
漏洞环境:https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83-11
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#零路由和版本
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01路由知识
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02版本知识
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#组件版本的相互依赖关系
spring-boot-starter-parenthttps://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-parent
spring-boot-dependencieshttps://mvnrepository.com/artifact/org.springframework.boot/spring-boot-dependencies
spring-cloud-dependencieshttps://mvnrepository.com/artifact/org.springframework.cloud/spring-cloud-dependencies
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-cloud-与-spring-boot-版本之间的依赖关系
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#spring-cloud-小版本号的后缀及含义
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#一信息泄露
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01路由地址及接口调用详情泄漏
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02配置不当而暴露的路由
production-ready-endpointshttps://docs.spring.io/spring-boot/docs/1.5.10.RELEASE/reference/htmlsingle/#production-ready-endpoints
spring-boot.txthttps://github.com/artsploit/SecLists/blob/master/Discovery/Web-Content/spring-boot.txt
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x03获取被星号脱敏的密码的明文-方法一
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一-找到想要获取的属性名
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二-jolokia-调用相关-mbean-获取明文
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x04获取被星号脱敏的密码的明文-方法二
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一-找到想要获取的属性名-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二-使用-nc-监听-http-请求
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三-设置-eurekaclientserviceurldefaultzone-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四-刷新配置
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤五-解码属性值
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x05获取被星号脱敏的密码的明文-方法三
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-2
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-2
issue-1https://github.com/LandGrey/SpringBootVulExploit/issues/1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一-找到想要获取的属性名-2
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二-使用-nc-监听-http-请求-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三-触发对外-http-请求
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四-刷新配置-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x06获取被星号脱敏的密码的明文-方法四
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-3
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-3
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一-找到想要获取的属性名-3
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二-下载-jvm-heap-信息
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三-使用-mat-获得-jvm-heap-中的密码明文
文章https://landgrey.me/blog/16/
Eclipse Memory Analyzerhttps://www.eclipse.org/mat/downloads.php
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#二远程代码执行
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x01whitelabel-error-page-spel-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-4
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-4
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一找到一个正常传参处
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二执行-spel-表达式
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析
SpringBoot SpEL表达式注入漏洞-分析与复现https://www.cnblogs.com/litlife/p/10183137.html
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境
repository/springboot-spel-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-spel-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x02spring-cloud-snakeyaml-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-5
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-5
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一-托管-yml-和-jar-文件
yaml-payloadhttps://github.com/artsploit/yaml-payload
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二-设置-springcloudbootstraplocation-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三-刷新配置
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-1
Exploit Spring Boot Actuator 之 Spring Cloud Env 学习笔记https://b1ngz.github.io/exploit-spring-boot-actuator-spring-cloud-env-note/
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-1
repository/springcloud-snakeyaml-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springcloud-snakeyaml-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x03eureka-xstream-deserialization-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-6
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-6
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一架设响应恶意-xstream-payload-的网站
python 脚本示例https://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/springboot-xstream-rce.py
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二监听反弹-shell-的端口
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三设置-eurekaclientserviceurldefaultzone-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四刷新配置
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-2
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-2
Spring Boot Actuator从未授权访问到getshellhttps://www.freebuf.com/column/234719.html
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-2
repository/springboot-eureka-xstream-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-eureka-xstream-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x04jolokia-logback-jndi-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-7
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-7
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一查看已存在的-mbeans
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二托管-xml-文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三准备要执行的-java-代码
Java 示例代码https://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/JNDIObject.java
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四架设恶意-ldap-服务
marshalsechttps://github.com/mbechler/marshalsec
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤五监听反弹-shell-的端口
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤六从外部-url-地址加载日志配置文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-3
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-3
spring boot actuator rce via jolokiahttps://xz.aliyun.com/t/4258
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-3
repository/springboot-jolokia-logback-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-jolokia-logback-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x05jolokia-realm-jndi-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-8
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-8
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一查看已存在的-mbeans-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二准备要执行的-java-代码
Java 示例代码https://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/JNDIObject.java
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三托管-class-文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四架设恶意-rmi-服务
marshalsechttps://github.com/mbechler/marshalsec
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤五监听反弹-shell-的端口-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤六发送恶意-payload
springboot-realm-jndi-rce.pyhttps://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/springboot-realm-jndi-rce.py
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-4
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-4
Yet Another Way to Exploit Spring Boot Actuators via Jolokiahttps://static.anquanke.com/download/b/security-geek-2019-q1/article-10.html
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-4
repository/springboot-jolokia-logback-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-jolokia-logback-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x06restart-h2-database-query-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-9
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-9
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一设置-springdatasourcehikariconnection-test-query-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二重启应用
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-5
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-5
remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-databasehttps://spaceraccoon.dev/remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-database
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-5
repository/springboot-h2-database-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-h2-database-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x07h2-database-console-jndi-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-10
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-10
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一访问路由获得-jsessionid
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二准备要执行的-java-代码-1
Java 示例代码https://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/JNDIObject.java
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三托管-class-文件-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四架设恶意-ldap-服务-1
marshalsechttps://github.com/mbechler/marshalsec
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤五监听反弹-shell-的端口-2
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤六发包触发-jndi-注入
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-6
Spring Boot + H2数据库JNDI注入https://mp.weixin.qq.com/s/Yn5U8WHGJZbTJsxwUU3UiQ
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-6
repository/springboot-h2-database-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-h2-database-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x08mysql-jdbc-deserialization-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-11
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-11
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一查看环境依赖
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二架设恶意-rogue-mysql-server
springboot-jdbc-deserialization-rce.pyhttps://raw.githubusercontent.com/LandGrey/SpringBootVulExploit/master/codebase/springboot-jdbc-deserialization-rce.py
ysoserialhttps://github.com/frohoff/ysoserial
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三设置-springdatasourceurl-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四刷新配置-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤五触发数据库查询
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤六恢复正常-jdbc-url
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-6
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-7
New-Exploit-Technique-In-Java-Deserialization-Attackhttps://i.blackhat.com/eu-19/Thursday/eu-19-Zhang-New-Exploit-Technique-In-Java-Deserialization-Attack.pdf
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-7
repository/springboot-mysql-jdbc-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-mysql-jdbc-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x09restart-loggingconfig-logback-jndi-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-12
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-12
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一托管-xml-文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二托管恶意-ldap-服务及代码
文章https://landgrey.me/blog/21/
JNDIExploithttps://github.com/feihong-cs/JNDIExploit
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三设置-loggingconfig-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤四重启应用
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-7
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞分析-8
spring boot actuator rce via jolokiahttps://xz.aliyun.com/t/4258
https://landgrey.me/blog/21/https://landgrey.me/blog/21/
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-8
repository/springboot-restart-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-restart-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0arestart-loggingconfig-groovy-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-13
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-13
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一托管-groovy-文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二设置-loggingconfig-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三重启应用
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-8
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-9
repository/springboot-restart-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-restart-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0brestart-springmainsources-groovy-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-14
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-14
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一托管-groovy-文件-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二设置-springmainsources-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三重启应用-1
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-9
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-10
repository/springboot-restart-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-restart-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#0x0crestart-springdatasourcedata-h2-database-rce
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用条件-15
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#利用方法-15
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤一托管-sql-文件
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤二设置-springdatasourcedata-属性
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#步骤三重启应用-2
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞原理-10
https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#漏洞环境-11
repository/springboot-restart-rcehttps://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-restart-rce
Readme https://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit#readme-ov-file
Please reload this pagehttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit
Activityhttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/activity
0 starshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/stargazers
0 watchinghttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/watchers
0 forkshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/forks
Report repository https://patch-diff.githubusercontent.com/contact/report-content?content_url=https%3A%2F%2Fgithub.com%2Fsofunc%2FSpringBootVulExploit&report=sofunc+%28user%29
Releaseshttps://patch-diff.githubusercontent.com/sofunc/SpringBootVulExploit/releases
Packages 0https://patch-diff.githubusercontent.com/users/sofunc/packages?repo_name=SpringBootVulExploit
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.