Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis)

  • First part: call the requestHandler.process() to parse, validate incoming XML data
  • Second part: call the PBLFlowManager.delegateToMasterController() to handle the logic feature of current request
<?xml version=”1.0" encoding=”UTF-8" standalone=”yes”?><RequestSet vers=”vers123" svcid=”session” reqid=”req_1”><Request dtdid=”dtd1" sid=”sid1">Data</Request></RequestSet>
  • NamingService with svcid: com.iplanet.am.naming
  • AuthXMLHandler with svcid: auth
  • SessionRequestHandler with svcid: session
  • PolicyXMLHandler with svcid: policy

--

--

--

asdasd asdasdasd asdasdasd

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Кроссворды на русском офлайн Hack Free Resources Generator

Raspberry Pi

Product Update 10.31.21: Our Favorite Guides to Great Code Reviews

Alvin’s Dew Drop Daily — Issue #128

Android MVI with Jetpack Compose

Beginner’s Guide to Python f-Strings

Can the Definition of Done change per Sprint?

How to automate your AWS infrastructure using Ansible and Terraform?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jang

Jang

asdasd asdasdasd asdasdasd

More from Medium

Detecting and responding to Apache “Log4j 2” (CVE-2021–44228) using Google Chronicle

Bypassing CSRF token protection by abusing a misconfigured CORS policy

First Time Hacking The Cloud

Load Malware from Public Cloud Campaign