star's blog


  • Home

  • Archives

CVE-2022-26134复现

Posted on 2022-06-20

Confluence pre-auth rce复现

Confluence server and data center

影响版本

1.3.0-7.4.17,7.13.0-7.13.7,7.14.0-7.14.3,7.15.0-7.15.2,7.16.0-7.16.4,7.17.0-7.17.4,7.18.0- 7.18.1.

Read more »

A vulnerability in CasaOS

Posted on 2022-01-08
descriptionA command injection in CasaOS last version which will lead to getshell and affect all v ...
Read more »

Vulnerability in CRMEB

Posted on 2021-12-17
Here's something encrypted, password is required to continue reading.
Read more »

vulnerability in bbs-go

Posted on 2021-12-17
Here's something encrypted, password is required to continue reading.
Read more »

绿盟杯awd总结

Posted on 2021-12-05

这次比赛侥幸拿到第二,这里记录下赛后的一些复现和思考。

Read more »

CVE-2021-2394分析

Posted on 2021-11-21

weblogic T3协议的反序列化漏洞,因为这里涉及了weblogic自身的一些链,所以抛去t3协议来分析一下。这里主要的关注点集中在weblogic的反序列化链上。

Read more »

ret2dlresolve简单小记

Posted on 2021-11-05

ret2dlresolver学习笔记

Read more »

pwn入门

Posted on 2021-08-26

因为工作的关系接触了一些iot漏洞挖掘,因此想在工作之余补充一些二进制的漏洞利用的基础知识。

Read more »

jrmp攻击思路分析

Posted on 2021-04-05

关于jrmp攻击思路的分析,主要分析了利用jrmp协议攻击注册端的思路,并分析对JEP290的绕过和防御。

Read more »

fastjson漏洞复现

Posted on 2021-03-28

关于fastjson漏洞复现的一些思考

Read more »
12…5>

star

ctf wp and technologies about security

50 posts
32 tags
© 2022 star
Powered by Hexo
|
Theme — NexT.Muse v5.1.4