关联漏洞
介绍
# Apache Batik SSRF to RCE Jar Exploit
## Component link
https://github.com/apache/xmlgraphics-batik
## Blog
https://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading
## Usage
- Modify the line 11 in src/main/java/com.poc.Poc.java to change the command.
- Run `mvn clean package`
- Exploit can be found in target/
Then you need to navigate to the [Poc/](Poc) to use this exploit jar.
### Poc contains:
- SSRF
- RCE via jar
- RCE via ecmascript
文件快照
[4.0K] /data/pocs/4b3b7ea6fd2b8ee995af529f0960139f5de4c270
├── [4.0K] Poc
│ ├── [ 878] RCE_Jar.md
│ ├── [ 750] RCE_Script.md
│ └── [ 671] SSRF.md
├── [1.2K] pom.xml
├── [ 545] README.md
└── [4.0K] src
└── [4.0K] main
├── [4.0K] java
│ └── [4.0K] com
│ └── [4.0K] poc
│ └── [ 517] Poc.java
└── [4.0K] resources
└── [4.0K] META-INF
└── [ 53] MANIFEST.MF
8 directories, 7 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。