dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix link to XStream blog which no longer exists (#740)

Browse Source
This commit is contained in:
Nanne Baars 2020-01-05 19:48:40 +01:00 committed by René Zubcevic
parent 71f2d2968f
commit 5de82c0a06
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-lessons/vulnerable-components/src/main/resources/lessonPlans/en/VulnerableComponents_content5.adoc
View File

@ -8,7 +8,7 @@ Ref: http://www.pcworld.com/article/3004633/business-security/thousands-of-java-
=== Dinis Cruz and Alvaro Munoz exploit of XStream === Dinis Cruz and Alvaro Munoz exploit of XStream
XStream, a relatively common XML and JSON parsing library, has a nasty little remote code execution. + XStream, a relatively common XML and JSON parsing library, has a nasty little remote code execution. +
Ref: http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html[Dinis Cruz Blog] + Ref: https://web.archive.org/web/20190718132219/http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html[Dinis Cruz Blog] +
https://github.com/pwntester/XStreamPOC[pwntester/XStreamPOC] https://github.com/pwntester/XStreamPOC[pwntester/XStreamPOC]
You may want to read the article(s) before trying this lesson. Let's see if you can figure out how to exploit this in WebGoat. You may want to read the article(s) before trying this lesson. Let's see if you can figure out how to exploit this in WebGoat.