¯_(ツ)_/¯
- python soap-monitor-service-exploit.py
Java deserialization file-upload proof of concept. If dangerous gadgets are on the classpath (for example commons-collections), remote code execution is also possible.
SOAPMonitorService is disabled by default, but it is a risk when an attacker is pivoting through the internal network of a software house.
- logback-CVE-2017-5929.py
Java deserialization PoC. This exploit was discovered and published under CVE-2017-5929. It allows remote code execution in logback:logback:1.1.10 and earlier.
NIST link: https://nvd.nist.gov/vuln/detail/CVE-2017-5929
MITRE link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929
Logback news stating that the bug is fixed: https://logback.qos.ch/news.html (see February 8th)
Discovered: 06/02/2017
Reported: 07/02/2017
Fixed and released (version 1.2.0): 08/02/2017
sha512 fcaf6092a50faea8145b8c41ee9a76b15530ce9ccd963a5e082e2b45243fc710c58dcce689ee0e30fd4d6d2fbfa9d8520d2b947989f8e1bb9fd9602314af0e3b
sha512 943B17FE31B2A991CC119198C4B3E862BBD9E920D10CF898A18CF99EF2592E5D05748E1F99B605588B84170E812DFFE2A08BE2391D1FD161D9FA41115AD24347
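
A defender-side check for the Java deserialization issue behind both scripts listed above, as an added example that is not part of this repository: it recognises a Java serialized stream (raw or base64) in a captured request body and lists the class names it declares, so streams that reference a watched library can be flagged. The watch list, the function names and the sample class names are assumptions made for illustration, and the scan is a heuristic rather than a full stream parser.

```python
import base64
import re
import struct

STREAM_MAGIC = b"\xac\xed\x00\x05"  # ObjectOutputStream header: magic + version 5
TC_CLASSDESC = 0x72                 # marks a new class descriptor in the stream
# Assumed watch list (only the library this page names); extend per classpath.
WATCHED_PREFIXES = ("org.apache.commons.collections.",)
CLASS_NAME = re.compile(r"\[*[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*;?")

def class_names(blob: bytes) -> list[str]:
    """Heuristically list the class names declared in a Java serialized stream."""
    if blob.startswith(b"rO0AB"):  # base64 form of the same header
        try:
            blob = base64.b64decode(blob)
        except ValueError:
            return []
    if not blob.startswith(STREAM_MAGIC):
        return []
    names, i = [], len(STREAM_MAGIC)
    while i + 3 <= len(blob):
        if blob[i] == TC_CLASSDESC:
            (length,) = struct.unpack_from(">H", blob, i + 1)
            end = i + 3 + length
            # A descriptor is: 0x72, u16 length, name, 8-byte serialVersionUID.
            if length and end + 8 <= len(blob):
                name = blob[i + 3:end].decode("ascii", "replace")
                if CLASS_NAME.fullmatch(name):
                    names.append(name)
                    i = end + 8  # skip the name and serialVersionUID
                    continue
        i += 1
    return names

def flagged(blob: bytes) -> list[str]:
    """Return the declared class names that fall under a watched prefix."""
    return [n for n in class_names(blob) if any(p in n for p in WATCHED_PREFIXES)]

def sample_descriptor(name: str) -> bytes:
    """Constructed sample: a field-less class descriptor for `name`."""
    raw = name.encode("ascii")
    return (bytes([TC_CLASSDESC]) + struct.pack(">H", len(raw)) + raw
            + b"\x00" * 8 + b"\x02\x00\x00\x78\x70")

# Constructed inputs; the class names are placeholders, not real classes.
SAMPLE_SUSPECT = STREAM_MAGIC + b"\x73" + sample_descriptor("org.apache.commons.collections.Placeholder")
SAMPLE_BENIGN = STREAM_MAGIC + b"\x73" + sample_descriptor("com.example.Settings")
```

A hit only means the stream names a watched class; the durable fix is still upgrading the affected component or restricting which classes the endpoint will deserialize.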