Samples of RMI & JNDI attacks
- Client Attack Server
- Server Attack Client
- Registry Attack Client
- Registry Attack Server
- Client Attack Registry
- Server Attack Registry
- Bypass JEP290 8u121~8u230 (`DGCClient#dirty`)
- Bypass JEP290 8u231~8u240 (`UnicastRemoteObject#readObject`)
- RMI Server
- LDAP Server
- High version bypass (the LDAP server returns malicious serialized data)
- High version bypass (using the local factory class `org.apache.naming.factory.BeanFactory` to execute an EL expression)