all InfoSec news
Need help with a java deserialization CommonsCollections4
Oct. 28, 2023, 5:24 p.m. | /u/CyberBarbier
cybersecurity www.reddit.com
I'm able to execute certutil.exe and ping -n 1 -l 1 [10.10.10.10](https://10.10.10.10) for example,
I get both dns and http request to the correct endpoint using certutil, while an icmp dump shows the ping so the command injection is pretty much confirmed.
Thing is, I haven't been able to go past that,
the server should be [ASP.NET](https://ASP.NET) but the deserialization is in Java and the …
base64 bounty certutil command command injection cybersecurity deserialization dns endpoint found hello http icmp injection java java deserialization ping private request
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
15 hours ago |
www.reddit.com
State of WiFi Security in 2024
16 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
18 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)