XStream 1.4.15 Blacklist Bypass

#1 Gadget Overview

Recently, I found a new deserialization gadget which can bypass the latest version of XStream. This gadget uses the JDK to construct the gadget chain. I have tested the gadget chain to RCE (remote code execution) with JDK8 (8u162). I think other versions of the JDK could also trigger this vulnerability to RCE.

cve

CVE-2016-5195 Dirtycow

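Overview

The recently released dirtycow affects Linux kernel >= 2.6.22 (released in 2007, and only fixed on October 18 this year). I tried it out with an EXP found online and recorded the process.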

cve

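MYSQL Privilege Escalation Analysis

Overview

A few days ago a 0day for MySQL local privilege escalation came out. Although the vendor has now released a patch, quite a few hosts are still affected. Following up by walking through it once :)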

cve