The samples of RMI&JNDI Attack

F4DE@Syclover

Last update: Aug 24, 2022

Related tags

Security RMI-JNDI-Attack-Samples

Overview

RMI-JNDI-Attack-Samples

The samples of RMI&JNDI attack

RMI

Client Attack Server
Server Attack Client
Registry Attack Client
Registry Attack Server
Client Attack Registry
Server Attack Registry
Bypass JEP290 8u121~8u230(DGCClient#dirty)
Bypass JEP290 8u231~8u240(UnicastRemoteObject#readObject)

JNDI

RMI Server
LDAP Server
High version bypass(The LDAP server returns malicious serialized data)
High version bypass(Using The local factory class org.apache.naming.facotry.BeanFactory to execute an EL expression)

CVE-2021-2109 && Weblogic Server RCE via JNDI

Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected

Nov 21, 2022

Log4j-payload-generator - Log4j jndi injects the Payload generator

0x01 简介 log4j-payload-generator是 woodpecker框架生产log4 jndi注入漏洞payload的插件。目前可以一键生产以下5类payload。原始payload {[upper|lower]:x}类型随机混payload {[upper|lower]:x}

Dec 30, 2022

Disables JNDI lookup globally using Java agent instrumentation, mitigation for Log4Shell attacks.

NoJNDI This is a simple proof of concept agent that disables JNDI lookups globally across the JVM. This is useful for mitigating the Log4Shell attack,

Dec 29, 2021

JNDI-Exploit-Kit

JNDI-Exploit-Kit Disclaimer This is a forked modified version of the great exploitation tool created by @welk1n

Dec 7, 2022

Java EE 7 Samples

Java EE 7 Samples This workspace consists of Java EE 7 Samples and unit tests. They are categorized in different directories, one for each Technology/

Dec 20, 2022

This repository consists of the code samples, assignments, and the curriculum for the Community Classroom complete Data Structures & Algorithms Java bootcamp.

DSA-Bootcamp-Java Subscribe to our channel Complete Playlist Syllabus Discord for discussions Telegram for announcements Connect with me Follow Co

Jan 1, 2023

JCuda samples

jcuda-samples This repository contains samples for the JCuda libraries. Note: Some of the samples require third-party libraries, JCuda libraries that

Nov 13, 2022

These samples explore the different options that Spring Boot developers have for using Javascript and CSS on the client (browser) side of their application.

Table of Contents Getting Started Narrowing the Choices Create a New Application Webjars Show Me Some Javascript Normalizing Resource Paths Adding Tab

Jul 29, 2022

Samples showing practical aspect of EventStoreDB, Event Sourcing

EventStoreDB samples EventStoreDB is an industrial-strength database technology used as the central data store for event-sourced systems. It is availa

Oct 26, 2022

This repository consists of the code samples, assignments, and the curriculum for Data Structures & Algorithms in Java.

DSA_JAVA_REPO WELCOME TO THIS DSA REPO 100 DAYS OF CHALLENGE ⚡ Technologies Language ABOUT THE REPO It's contain basic syntex of java if you want to l

Jan 21, 2022

Owner

F4DE@Syclover

Web Security | Student

GitHub

A java implementation of Enigma, and a modern attack to decrypt it.

Java Enigma This is a Java implementation of an Enigma machine, along with code that attempts to break the encryption. This code is associated with an

584 Jan 4, 2023

Stops double clicks from impacting a player's knockback by only allowing the attack packet to be processed only once per tick per player

Stops double clicks from impacting a player's knockback by only allowing the attack packet to be processed only once per tick per player. It also moves the damage tick check to execute as soon as possible.

2 Oct 28, 2022

Disables JNDI lookup globally using Java agent instrumentation, mitigation for Log4Shell attacks.

NoJNDI This is a simple proof of concept agent that disables JNDI lookups globally across the JVM. This is useful for mitigating the Log4Shell attack,

9 Dec 29, 2021

JNDI-Exploit-Kit

JNDI-Exploit-Kit Disclaimer This is a forked modified version of the great exploitation tool created by @welk1n

20 Dec 7, 2022

JNDI-Exploit is an exploit on Java Naming and Directory Interface (JNDI) from the deleted project fromthe user feihong on GitHub.

JNDI-Exploit JNDI-Exploit is a fork from the deleted project ftom the user feihong-cs on GitHub. To learn more about JNDI and what you can do with thi

4 Dec 6, 2022

A java implementation of Enigma, and a modern attack to decrypt it.

Java Enigma This is a Java implementation of an Enigma machine, along with code that attempts to break the encryption. This code is associated with an

584 Jan 4, 2023

Stops double clicks from impacting a player's knockback by only allowing the attack packet to be processed only once per tick per player

2 Oct 28, 2022

The samples of RMI&JNDI Attack

Related tags

Overview

RMI-JNDI-Attack-Samples

RMI

JNDI

You might also like...

CVE-2021-2109 && Weblogic Server RCE via JNDI

Log4j-payload-generator - Log4j jndi injects the Payload generator

Disables JNDI lookup globally using Java agent instrumentation, mitigation for Log4Shell attacks.

JNDI-Exploit-Kit

Java EE 7 Samples

This repository consists of the code samples, assignments, and the curriculum for the Community Classroom complete Data Structures & Algorithms Java bootcamp.

JCuda samples

These samples explore the different options that Spring Boot developers have for using Javascript and CSS on the client (browser) side of their application.

Samples showing practical aspect of EventStoreDB, Event Sourcing

This repository consists of the code samples, assignments, and the curriculum for Data Structures & Algorithms in Java.

Owner

F4DE@Syclover

A java implementation of Enigma, and a modern attack to decrypt it.

Stops double clicks from impacting a player's knockback by only allowing the attack packet to be processed only once per tick per player

Disables JNDI lookup globally using Java agent instrumentation, mitigation for Log4Shell attacks.

JNDI-Exploit-Kit

JNDI-Exploit is an exploit on Java Naming and Directory Interface (JNDI) from the deleted project fromthe user feihong on GitHub.

A java implementation of Enigma, and a modern attack to decrypt it.

Stops double clicks from impacting a player's knockback by only allowing the attack packet to be processed only once per tick per player

Apache Log4j2 CVE-2021-44228 RCE Demo with RMI and LDAP

An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228

Log4j CVE-2021-44228 examples: Remote Code Execution (through LDAP, RMI, ...), Forced DNS queries, ...