Vulnerability in Apache Tomcat allows substituting JSP code and retrieving web application files

Researchers from the Chinese company Chaitin Tech have discovered a vulnerability (CVE-2020-1938) in Apache Tomcat, an open implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. The vulnerability has been given the code name Ghostcat and a critical severity rating (9.8 CVSS). In the default configuration, the issue allows an attacker who sends a request to network port 8009 to read the contents of any file from the web application directory, including files with settings and the application's source code.

The vulnerability also makes it possible to include other files in the application code, which allows code execution on the server if the application permits files to be uploaded to it (for example, an attacker can upload a JSP script disguised as an image through an image upload form). The attack can be carried out whenever a request can be sent to the network port served by the AJP handler. According to preliminary data, more than 1.2 million hosts accepting requests over the AJP protocol were found online.

The vulnerability lies in the AJP protocol itself and is not caused by an implementation error. In addition to accepting connections over HTTP (port 8080), Apache Tomcat by default also exposes the web application over the AJP protocol (Apache JServ Protocol, port 8009), a binary analogue of HTTP optimized for higher performance. It is usually used when building a cluster of Tomcat servers or to speed up interaction with Tomcat behind a reverse proxy or load balancer.

AJP provides a standard function for accessing files on the server, which can be abused to obtain files that are not meant to be disclosed. AJP should only be reachable from trusted servers, but in practice Tomcat's default configuration ran the handler on all network interfaces and accepted requests without authentication. Any web application file is accessible, including the contents of WEB-INF, META-INF and any other directory served through a call to ServletContext.getResourceAsStream(). AJP also allows any file in a directory accessible to the web application to be processed as a JSP script.

The problem has been present since the Tomcat 13.x branch was released 6 years ago. Besides Tomcat itself, the issue also affects products built on it, such as Red Hat JBoss Web Server (JWS), JBoss Enterprise Application Platform (EAP), and self-contained web applications using Spring Boot. A similar vulnerability (CVE-2020-1745) is present in the Undertow web server used in the Wildfly application server. In JBoss and Wildfly, AJP is enabled by default only in the standalone-full-ha.xml and standalone-ha.xml profiles and in the ha/full-ha profiles of domain.xml. In Spring Boot, AJP support is disabled by default. Various groups have already prepared more than a dozen working exploits (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11).

The vulnerability is fixed in Tomcat releases 9.0.31, 8.5.51 and 7.0.100 (maintenance of the 6.x branch has been discontinued). The availability of updates in distribution packages can be tracked on these pages: Debian, Ubuntu, RHEL, Fedora, SUSE, FreeBSD. As a workaround, you can disable the Tomcat AJP Connector service (bind the listening socket to localhost or comment out the line with Connector port="8009") if it is not needed, or configure authenticated access using the "secret" and "address" attributes if the service is used to interact with other servers and proxies based on mod_jk and mod_proxy_ajp (mod_cluster does not support authentication).
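The following audit script is an added example, not code from opennet.ru or the Tomcat project. It parses a server.xml, finds AJP connectors and flags the two weaknesses described above (listening on a non-loopback address, no shared secret); the constructed fragments show the pre-fix default connector line beside a hardened one using the "address" and "secret" attributes (the "secretRequired" attribute is assumed to be available, as in the fixed releases).

```python
"""Audit AJP connectors in a Tomcat server.xml for Ghostcat exposure.

Added example, not opennet's or the Tomcat project's code. Assumes the
documented server.xml layout: <Connector protocol="AJP/1.3" ...> with
the optional "address", "secret" and "secretRequired" attributes.
"""
import xml.etree.ElementTree as ET

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_ajp(server_xml: str) -> list:
    """Return one dict per AJP connector; an empty issue list means hardened."""
    findings = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        if not conn.get("protocol", "").upper().startswith("AJP"):
            continue
        issues = []
        address = conn.get("address")
        # Without "address" the connector listens on all interfaces.
        if address is None or address not in LOOPBACK:
            issues.append("listens on non-loopback address")
        # Authentication only applies when a secret is set and not switched off.
        if conn.get("secretRequired", "true").lower() == "false":
            issues.append("secretRequired=false")
        elif not conn.get("secret"):
            issues.append("no secret configured")
        findings.append({"port": conn.get("port"), "issues": issues})
    return findings


# Constructed fragments: the default pre-fix connector and a hardened one.
WEAK_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

HARDENED_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
             secretRequired="true" secret="REPLACE-WITH-RANDOM-SECRET"/>
</Service></Server>"""

if __name__ == "__main__":
    for name, xml in (("weak", WEAK_SERVER_XML), ("hardened", HARDENED_SERVER_XML)):
        for f in audit_ajp(xml):
            print(name, "port", f["port"], f["issues"] or ["ok"])
```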

Source: opennet.ru
