Framework Vulnerability Series 1: Struts vulnerability summary

Preface: The loopholes reproduced in this article are not particularly comprehensive, but the loopholes in the last two years have been selected for reproduction in order to effectively reproduce the loopholes. After all, some old loopholes basically do not exist. 1. Introduction to Struts 1. Introduction Basic introduction: Struts is Ap ...

Posted by Lucidnight on Fri, 03 Dec 2021 15:57:53 +0100

ThinkPHP5.0.24_ Analysis of deserialization vulnerability in Linux

ThinkPHP5.0.24 vulnerability code:

<?php
namespace app\index\controller;
class Index
{
    public function test01(){
        $code = $_POST['code'];
        unserialize(base64_decode($code));
    }
}

Payload: /index.php/index/index/test01 POST code=TzoyNzoidGhpbmtccHJvY2Vzc1xwa ...

Posted by trevorturtle on Mon, 22 Nov 2021 06:40:53 +0100

Kubernetes based on Jenkins Spinnaker's CI/CD practice - adding product image scanning

Preface: Early Jenkins assumed all the functions of CI/CD in Kubernetes Jenkins Pipeline evolution, we are going to split the CD continuous integration into Spinnaker! Of course, the normal idea should be to get through the user account of Jenkins Spinnaker and integrate ldap.spinnaker account system. Relevant experiments have been done before i ...

Posted by bow-viper1 on Sun, 21 Nov 2021 03:31:53 +0100