WRITEUP #1022

Taking Entire server control Part 2 of How I Earned $2500 in 5 Minutes | CVE-2017–5638 | OGNL injection | RCE

RCEOGNL injectionComponents with known vulnerabilities

by@karthithehacker(Karthikeyan.V)

Bounty

2,500

Program

Published

Jun 27, 2023

Added to HackDex

Jun 27, 2023

Read Full Writeuphttps://medium.com/@karthithehacker/taking-entire-server-control-part-2-of-how-i-earned-2500-in-5-minutes-cve-2017-5638-ognl-92f4213ca219

▸ RELATED WRITEUPS

How I got $24000 Bounty from a Log4j RCE in Apple App Store.

RCEComponents with known vulnerabilities

Studying 0days: How we hacked Anki, the world's most popular flashcard app

RCEComponents with known vulnerabilities

We hacked Anki - 0 day exploit from studying someone elses flashcards

RCEComponents with known vulnerabilities

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Built with ❤️ by Shubham Rawat