Back to directory

WRITEUP #2237

Groovy Template Engine Exploitation – Notes from a real case scenario

RCECode injection

by@0x_nope(Gianluca Baldi)

Program

-

Published

Sep 7, 2022

Added to HackDex

Sep 20, 2022

Read Full Writeuphttps://security.humanativaspa.it/groovy-template-engine-exploitation-notes-from-a-real-case-scenario/

▸ RELATED WRITEUPS

Spip Preauth RCE 2024: Part 1, The Feather

RCECode injection

How i hacked NASA? at NASA VDP

RCECode injection

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat