作为Java安全初学者,经常在搭建调试环境时遇到各类问题(依赖包等等)。因此将自己调试所用的项目环境整理在此,通过IDEA可以方便的运行各个漏洞环境进行调试分析
- dubbo
- f5 BIGIP
- fastjson
- mysql-connector-java rce & fileread
- rmi
- shiro auth bypass
- springboot actuator rce by spring cloud & h2
- springboot actuator rce by spring cloud & yaml
- springboot actuator rce by jolokia & logback
- springboot actuator rce by jolokia & realm
- springboot spel
- thymeleaf ssti
- xstream CVE-2020-26217
- log4j rce CVE-2021-44228