CVE-2018-1297 PoC — Apache JMeter 安全漏洞

Source

https://github.com/Al1ex/CVE-2018-1297

Associated Vulnerability

Title:Apache JMeter 安全漏洞 (CVE-2018-1297)
Description:Apache JMeter是美国阿帕奇（Apache）软件基金会的一套使用Java语言编写的用于压力测试和性能测试的开源软件。 Apache JMeter 2.x版本和3.x版本中存在安全漏洞。攻击者可利用该漏洞获取JMeterEngine的访问权限并发送未授权的代码。

Description

EXP for CVE-2018-1297

Readme

# CVE-2018-1297
EXP for CVE-2018-1297

PS:you need download ysoserial by yourself!!!
https://github.com/Al1ex/ysoserial-0.0.6-SNAPSHOT-all/releases

File Snapshot


 [4.0K]  /data/pocs/08e7bbfc08965404969e2b8267e7499a5668ec5c
├── [3.0K]  JmeterRMI.py
└── [ 148]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!