Shulou(Shulou.com)05/31 Report--

This article focuses on "how to abuse the Java remote protocol loophole in the IBM WebSphere platform". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to abuse the Java remote protocol loophole in IBM WebSphere platform.

CORBA, the common object request broker architecture, is a standardized specification defined by the object Management Organization (OMG). It is a platform-independent RPC framework and predates standards such as SOAP and gRPC. In a distributed environment, CORBA uses Internet InterORB Protocol (IIOP) to communicate between endpoints. In the default installation configuration of IBM WebSphere, the CORBA service can run on TCP ports 2809, 9100, 9402, and 9403. The Interceptor class will intercept the invocation request before invoking the service method. What we need to note here is the TxServerInterceptor class.

CVE-2020-4450-snippet-1.java:public void receive_request (ServerRequestInfo sri) {/ /... snip... If (TxProperties.SINGLE_PROCESS) {propagationContext = TxInterceptorHelper.demarshalContext (serviceContext.context_data, (ORB) ((LocalObject) sri). _ orb (); / /

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.