Completed
Double Injection
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Struts 2 Must Die - The Life and Inevitable Death of Java’s Spaghettiest Framework
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Why is struts so explosive
- 3 Struts vulnerabilities
- 4 Struts evaluation
- 5 View with Struts
- 6 GetValue method
- 7 GetValue class
- 8 The injection point
- 9 Single vs Double
- 10 Single Injection
- 11 Double Injection
- 12 GetText
- 13 FirstPayload
- 14 Dynamic constructor
- 15 Blacklist
- 16 Default Member Access
- 17 Check if application is vulnerable
- 18 Why this starts safe
- 19 What does this mean
- 20 Take home message
- 21 Conclusion