Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-29505 PoC — XStream 代码问题漏洞

Source
https://github.com/cuijiung/xstream-CVE-2021-29505
Associated Vulnerability
Title:XStream 代码问题漏洞 (CVE-2021-29505)
Description:XStream是XStream(Xstream)团队的一个轻量级的、简单易用的开源Java类库,它主要用于将对象序列化成XML(JSON)或反序列化为对象。 XStream存在代码问题漏洞,该漏洞允许远程攻击者有足够的权限仅通过操纵处理后的输入流来执行主机的命令。
Readme
# xstream-CVE-2021-29505
File Snapshot

 [4.0K]  /data/pocs/01f54ee3ff2347e682399051d21f2c670a0ea609
├── [1.0K]  pom.xml
├── [  25]  README.md
├── [4.0K]  src
│   └── [4.0K]  main
│       └── [4.0K]  java
│           └── [4.9K]  Main.java
└── [ 57M]  ysoserial-all.jar

3 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.