{"title":"Hexo","link":[{"@attributes":{"href":"\/atom.xml","rel":"self"}},{"@attributes":{"href":"https:\/\/blog.sari3l.com\/"}}],"updated":"2022-06-08T14:10:58.885Z","id":"https:\/\/blog.sari3l.com\/","author":{"name":"Sariel.D"},"generator":"Hexo","entry":[{"title":"Confluence CVE-2022-26134 \u89e3\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/bc626227\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/bc626227\/","published":"2022-06-08T13:58:58.000Z","updated":"2022-06-08T14:10:58.885Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u8bb8\u4e45\u6ca1\u6709\u5199\u535a\u5ba2\u4e86\uff0c\u8fd8\u662f\u8981\u597d\u597d\u5b66\u4e60\u3002<\/p>\n    \n    "},{"title":"CodeQL \u5b66\u4e60\u5c0f\u8bb0 Log4j","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/b6c4d907\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/b6c4d907\/","published":"2021-12-30T06:32:20.000Z","updated":"2021-12-30T07:00:59.201Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u518d\u6c34\u4e00\u7bc7 CodeQL<\/p>\n    \n    ","category":{"@attributes":{"term":"CodeQL","scheme":"https:\/\/blog.sari3l.com\/tags\/CodeQL\/"}}},{"title":"CodeQL \u5b66\u4e60\u5c0f\u8bb0","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/91764dea\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/91764dea\/","published":"2021-12-27T13:23:51.000Z","updated":"2021-12-30T07:01:03.558Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u5168\u4e16\u754c\u90fd\u5728\u5b66CodeQL\uff1f<\/p>\n    \n    ","category":{"@attributes":{"term":"CodeQL","scheme":"https:\/\/blog.sari3l.com\/tags\/CodeQL\/"}}},{"title":"Log4shell \u5c0f\u8bb0","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/9e42d867\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/9e42d867\/","published":"2021-12-13T17:32:35.000Z","updated":"2021-12-16T09:50:05.977Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u597d\u4e45\u6ca1\u66f4\u65b0\u535a\u5ba2\u4e86~<\/p>\n    \n    "},{"title":"\u6df1\u4fe1\u670d SSL VPN Nday - Pre Auth \u4efb\u610f\u5bc6\u7801\u91cd\u7f6e","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/9a92d107\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/9a92d107\/","published":"2020-09-15T03:04:12.000Z","updated":"2022-01-05T13:38:54.315Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      \u5e94\u5382\u5546\u9700\u6c42\u52a0\ud83d\udd10\uff0c\u5f85\u5408\u9002\u65f6\u95f4\u91cd\u65b0\u5f00\u653e\uff0c\u8bf7\u52ff\u4e8c\u6b21\u5916\u6cc4\n    \n    ","category":[{"@attributes":{"term":"\u6df1\u4fe1\u670d","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%B7%B1%E4%BF%A1%E6%9C%8D\/"}},{"@attributes":{"term":"hw2020","scheme":"https:\/\/blog.sari3l.com\/tags\/hw2020\/"}}]},{"title":"\u6df1\u4fe1\u670d SSL VPN Nday - Pre Auth \u4fee\u6539\u7ed1\u5b9a\u624b\u673a","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/fd03bf87\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/fd03bf87\/","published":"2020-09-14T16:09:16.000Z","updated":"2022-01-05T13:39:13.678Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      \u5e94\u5382\u5546\u9700\u6c42\u52a0\ud83d\udd10\uff0c\u5f85\u5408\u9002\u65f6\u95f4\u91cd\u65b0\u5f00\u653e\uff0c\u8bf7\u52ff\u4e8c\u6b21\u5916\u6cc4\n    \n    ","category":[{"@attributes":{"term":"\u6df1\u4fe1\u670d","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%B7%B1%E4%BF%A1%E6%9C%8D\/"}},{"@attributes":{"term":"hw2020","scheme":"https:\/\/blog.sari3l.com\/tags\/hw2020\/"}}]},{"title":"\u6df1\u4fe1\u670d SSL VPN Nday - RCE","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/df08045a\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/df08045a\/","published":"2020-09-12T14:02:11.000Z","updated":"2022-01-05T13:39:22.313Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      \ud83d\udd10 uid=0(root) gid=0(root) groups=0(root)\n    \n    ","category":[{"@attributes":{"term":"\u6df1\u4fe1\u670d","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%B7%B1%E4%BF%A1%E6%9C%8D\/"}},{"@attributes":{"term":"Nday","scheme":"https:\/\/blog.sari3l.com\/tags\/Nday\/"}}]},{"title":"\u6df1\u4fe1\u670d SSL VPN Nday - Pre Auth","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/787c7e6c\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/787c7e6c\/","published":"2020-08-26T06:34:17.000Z","updated":"2022-01-05T13:37:36.680Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      \ud83d\udd10 \u5185\u90e8\u5206\u4eab\n    \n    ","category":[{"@attributes":{"term":"\u6df1\u4fe1\u670d","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%B7%B1%E4%BF%A1%E6%9C%8D\/"}},{"@attributes":{"term":"Nday","scheme":"https:\/\/blog.sari3l.com\/tags\/Nday\/"}}]},{"title":"Shiro-055 \u5206\u6790&\u56de\u663e","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/55ea3bd4\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/55ea3bd4\/","published":"2020-08-23T05:06:09.000Z","updated":"2020-08-23T05:10:03.779Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u4e00\u6b21\u9047\u5230\u6848\u4f8b\uff0c\u5229\u7528\u90e8\u5206\u5de5\u5177\u65e0\u6cd5\u6709\u6548\u5b9e\u73b0\u6267\u884c\u3001\u56de\u663e\uff0c\u4e8e\u662f\u6709\u4e86\u6b64\u7bc7<\/p>\n    \n    "},{"title":"\u6df1\u4fe1\u670d EDR RCE \u7b80\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/6712089c\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/6712089c\/","published":"2020-08-18T03:23:31.000Z","updated":"2020-08-26T06:40:20.190Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      \u5e94\u5382\u5546\u9700\u6c42\u52a0\ud83d\udd10\uff0c\u5f85\u5408\u9002\u65f6\u95f4\u91cd\u65b0\u5f00\u653e\uff0c\u8bf7\u52ff\u4e8c\u6b21\u5916\u6cc4\n    \n    ","category":[{"@attributes":{"term":"\u6df1\u4fe1\u670d","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%B7%B1%E4%BF%A1%E6%9C%8D\/"}},{"@attributes":{"term":"hw2020","scheme":"https:\/\/blog.sari3l.com\/tags\/hw2020\/"}}]},{"title":"CobaltStrike Argue \u539f\u7406 - \u7ffb\u8bd1\u6587","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/c5e878c3\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/c5e878c3\/","published":"2020-08-04T09:26:01.000Z","updated":"2020-08-04T09:46:29.621Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u7a81\u7136\u597d\u5947 argue \u539f\u7406\uff0c\u4e8e\u662f\u6709\u4e86\u6b64\u6587<\/p>\n    \n    ","category":{"@attributes":{"term":"cobaltstirke","scheme":"https:\/\/blog.sari3l.com\/tags\/cobaltstirke\/"}}},{"title":"Github Page \u52a0\u901f","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/afd91327\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/afd91327\/","published":"2020-08-01T16:54:48.000Z","updated":"2020-08-05T11:24:19.935Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u5feb\u5feb\u5feb\uff0c\u51b2\u51b2\u51b2~<\/p>\n    \n    "},{"title":"CobaltStrike \u7834\u89e3\u6b65\u9aa4","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/76ce816c\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/76ce816c\/","published":"2020-07-31T02:51:55.000Z","updated":"2022-01-05T13:35:45.540Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u672c\u6587\u7ae0\u4ec5\u505a\u6280\u672f\u5b66\u4e60\u4ea4\u6d41\uff0c\u8bf7\u652f\u6301\u3001\u4f7f\u7528\u6b63\u7248\u8f6f\u4ef6<\/p>\n<p><img src=\"https:\/\/cdn.jsdelivr.net\/gh\/sari3l\/sari3l.github.io\/assets\/loading.gif\" data-original=\"\/posts\/76ce816c\/icon.jpg\" alt=\"icon\"><\/p>\n    \n    ","category":[{"@attributes":{"term":"Pentest","scheme":"https:\/\/blog.sari3l.com\/categories\/Pentest\/"}},{"@attributes":{"term":"cobaltstirke","scheme":"https:\/\/blog.sari3l.com\/tags\/cobaltstirke\/"}}]},{"title":"\u4e00\u9053\u9898\u56de\u987e\u667a\u80fd\u5408\u7ea6 Coverage","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/b7ea5c49\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/b7ea5c49\/","published":"2020-07-13T08:32:42.000Z","updated":"2022-01-05T13:35:54.979Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u6765\u81ea\u4e8e\u5c0f\u4f19\u4f34\u5206\u4eab\u7684\u9898\u76ee\uff0c\u6b63\u597d\u56de\u987e\u4e0b<code>\u53d8\u91cf\u8986\u76d6<\/code>\u7684\u539f\u7406\u3001\u5229\u7528<\/p>\n    \n    ","category":{"@attributes":{"term":"\u667a\u80fd\u5408\u7ea6","scheme":"https:\/\/blog.sari3l.com\/tags\/%E6%99%BA%E8%83%BD%E5%90%88%E7%BA%A6\/"}}},{"title":"F5 BIG-IP RCE\u7b80\u5355\u5206\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/58a67794\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/58a67794\/","published":"2020-07-06T02:45:39.000Z","updated":"2020-07-08T07:00:40.315Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p><code>..;<\/code> ? :)<\/p>\n    \n    ","category":[{"@attributes":{"term":"F5","scheme":"https:\/\/blog.sari3l.com\/tags\/F5\/"}},{"@attributes":{"term":"CVE-2020-5902","scheme":"https:\/\/blog.sari3l.com\/tags\/CVE-2020-5902\/"}}]},{"title":"\u7528\u53cbNC\u53cd\u5e8f\u5217\u5316 \u7b80\u5355\u5206\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/608d18f0\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/608d18f0\/","published":"2020-06-17T05:21:18.000Z","updated":"2022-01-03T09:04:16.791Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u6b20\u4e86\u5f88\u4e45\uff0c\u7b80\u5355\u5206\u6790\u4e0b~<\/p>\n    \n    "},{"title":"Pwnable.kr \u4e4b Toddler's Bottle","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/d4fb29f2\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/d4fb29f2\/","published":"2020-06-14T14:54:02.000Z","updated":"2020-07-06T09:45:14.050Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u597d\u4e45\u6ca1\u66f4\u65b0\uff0c\u83dc\u9e21\u5b66 pwn<\/p>\n    \n    ","category":{"@attributes":{"term":"pwn","scheme":"https:\/\/blog.sari3l.com\/tags\/pwn\/"}}},{"title":"Weblogic T3 \u534f\u8bae\u5b66\u4e60","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/ecb4dfa2\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/ecb4dfa2\/","published":"2020-04-01T08:16:44.000Z","updated":"2020-07-06T09:45:06.127Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>Docker with Weblogic 12.2.1.4.0<\/p>\n    \n    ","category":{"@attributes":{"term":"Weblogic","scheme":"https:\/\/blog.sari3l.com\/tags\/Weblogic\/"}}},{"title":"CVE-2020-2551 \u7b80\u5355\u5206\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/e32c5d3e\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/e32c5d3e\/","published":"2020-03-20T04:43:47.000Z","updated":"2020-07-06T09:45:26.702Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u611f\u89c9\u53c8\u8be5\u91cd\u6e29 JNDI \u4e86\u3002\u3002\u3002<\/p>\n    \n    ","category":[{"@attributes":{"term":"RCE","scheme":"https:\/\/blog.sari3l.com\/tags\/RCE\/"}},{"@attributes":{"term":"Weblogic","scheme":"https:\/\/blog.sari3l.com\/tags\/Weblogic\/"}},{"@attributes":{"term":"Deserialize","scheme":"https:\/\/blog.sari3l.com\/tags\/Deserialize\/"}}]},{"title":"CVE-2020-2555 \u7b80\u5355\u5206\u6790","link":{"@attributes":{"href":"https:\/\/blog.sari3l.com\/posts\/fa80d225\/"}},"id":"https:\/\/blog.sari3l.com\/posts\/fa80d225\/","published":"2020-03-12T14:47:39.000Z","updated":"2020-07-06T09:45:26.072Z","content":{"@attributes":{"type":"html"}},"summary":"\n    \n      <p>\u7b2c\u4e00\u6b21\u8c03 weblogic\uff0cdocker \u90fd\u4e0b\u534a\u5929<\/p>\n    \n    ","category":[{"@attributes":{"term":"RCE","scheme":"https:\/\/blog.sari3l.com\/tags\/RCE\/"}},{"@attributes":{"term":"Weblogic","scheme":"https:\/\/blog.sari3l.com\/tags\/Weblogic\/"}},{"@attributes":{"term":"Deserialize","scheme":"https:\/\/blog.sari3l.com\/tags\/Deserialize\/"}}]}]}