H2 RCE via Malicious JDBC Connection String in WSO2 ESB
by Loki - Tuesday July 2, 2024 at 12:41 PM
The God of Stories
user_229941
Posts: 2,445
Threads: 64
Joined: Jun 2024
Reputation: 1,757

ActiveShoutbox AddictGamer
#1
07-02-2024, 12:41 PM
Found this on Github.
https://github.com/mbadanoiu/WSO2-2021-1...1-1259.pdf
How to find vulnerable servers?
Fofa hunt rule - 
Hidden Content
You must register or login to view this content.

P.S.: The vuln is 2-3months old, so might be best to try timeline around later 2023 / early 2024

Happy hacking  Omnicer
[Image: e47c91a87cc521d1efbd20183b42ee4259c9c593.gifv]
PGP
Reply
Elite User

Posts: 124
Threads: 19
Joined: Sep 2023
Reputation: -381
#2
07-02-2024, 05:11 PM
thanks comrade comissar
Reply
Breached
Member
Posts: 48
Threads: 1
Joined: Jul 2024
Reputation: 0
#3
08-02-2024, 03:49 AM (This post was last modified: 08-02-2024, 03:49 AM by 9CLEAN.)
query search in shodan ?
Reply
Banned

Posts: 38
Threads: 0
Joined: Jan 2025
Reputation: 0
#4
02-18-2025, 04:24 PM
I will open calc.exe on a server with this exploit.
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breached26tezcofqla4adzyn22notfqw...an-Appeals if you feel this is incorrect.
Reply


Forum Jump:


 Users browsing this thread: