all InfoSec news
Need help with a java deserialization CommonsCollections4
Oct. 28, 2023, 5:24 p.m. | /u/CyberBarbier
cybersecurity www.reddit.com
I'm able to execute certutil.exe and ping -n 1 -l 1 [10.10.10.10](https://10.10.10.10) for example,
I get both dns and http request to the correct endpoint using certutil, while an icmp dump shows the ping so the command injection is pretty much confirmed.
Thing is, I haven't been able to go past that,
the server should be [ASP.NET](https://ASP.NET) but the deserialization is in Java and the …
base64 bounty certutil command command injection cybersecurity deserialization dns endpoint found hello http icmp injection java java deserialization ping private request
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Associate Principal Security Engineer
@ Activision Blizzard | Work from Home - CA
Security Engineer- Systems Integration
@ Meta | Bellevue, WA | Menlo Park, CA | New York City
Lead Security Engineer (Digital Forensic and IR Analyst)
@ Blue Yonder | Hyderabad
Senior Principal IAM Engineering Program Manager Cybersecurity
@ Providence | Redmond, WA, United States
Information Security Analyst II or III
@ Entergy | The Woodlands, Texas, United States