FastJSON
FastJSON Deserialization
Lab: Vulhub FastJSON 1.2.24 Deserialization
Spawn a Docker container:
cd vulhub/fastjson/1.2.24-rce
docker-compose up -d
The vulnerable application will be hosted on http://localhost:8090
. The application shows the following JSON data:
{
"age":25,
"name":"Bob"
}
You can modify it by sending a POST request:
curl http://localhost:8090/ -H "Content-Type: application/json" --data '{"name":"hello", "age":20}'
Reference
Last updated
Was this helpful?