CVE-2022-40664 research walkthrough (Apache Shiro bypass)

preview_player
Показать описание
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.

More research details on github :)

## TOOLS

JAVA/SPRING BOOT/**SHIRO**/MAVEN/IDEA/BURP SUITE

## REF
  1. 4xin bin
  2. CVE-2022-40664
  3. CyberScurity
  4. Apache
  5. Shiro
  6. JAVA
Рекомендации по теме
CVE-2022-40664 research walkthrough 0:01:18

CVE-2022-40664 research walkthrough (Apache Shiro bypass)

CVE-2022-42889 - Text4shell 0:01:10

CVE-2022-42889 - Text4shell Vulnerability Demonstration

CVE-2022-32786 0:01:14

CVE-2022-32786

Critical RCE Flaw 0:00:15

Critical RCE Flaw reported on Spotify's Backstage CVE-2022-36067 CVSS 9.8 🔥🔥🔥 #shorts #spotify...

CVE 2022 22965 0:04:23

CVE 2022 22965 Spring4shell

Is SQL Server 0:02:15

Is SQL Server affected by OpenSSL 3.0 Vulnerabilities: CVE 2022-3786 and CVE 2022-3602

What is CVE? 0:00:45

What is CVE?

S2-048 (CVE-2017-9791) showcase 0:00:42

S2-048 (CVE-2017-9791) showcase

Exploit the new 0:11:01

Exploit the new vulnerability on WSO2 assigned as CVE-2022-29464 by using Shodan

Les Hazlewood - 0:42:50

Les Hazlewood - Session Clustering with Cassandra and Apache Shiro

CVE-2019-6447 for ISN-1703 0:10:46

CVE-2019-6447 for ISN-1703 (ES File Explorer Open TCP Port 59777 Exploit)

Сила четырех байтов: 0:57:25

Сила четырех байтов: эксплуатация уязвимости CVE-2021-26708 в ядре Linux. Александр Попов...

Building Modern Analytics 0:15:32

Building Modern Analytics Applications with Apache Druid

Extracting Patient Narrative 0:35:05

Extracting Patient Narrative from Clinical Notes: Implement Apache Ctakes @ Scale Using Apache Spark

Java exploiting with 0:16:24

Java exploiting with ysoserial and how gadget chains work