From 3e91d39ee0164c2d3cee131a44aea88b66d435e5 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Thu, 30 Nov 2023 23:46:26 +0800
Subject: [PATCH] =?UTF-8?q?Update=20Apache-ActiveMQ-Jolokia-=E8=BF=9C?=
 =?UTF-8?q?=E7=A8=8B=E4=BB=A3=E7=A0=81=E6=89=A7=E8=A1=8C=E6=BC=8F=E6=B4=9E?=
 =?UTF-8?q?-CVE-2022-41678.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...ctiveMQ-Jolokia-远程代码执行漏洞-CVE-2022-41678.md | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/Apache-ActiveMQ-Jolokia-远程代码执行漏洞-CVE-2022-41678.md b/Apache-ActiveMQ-Jolokia-远程代码执行漏洞-CVE-2022-41678.md
index 66f2b7e..4f9cf4a 100644
--- a/Apache-ActiveMQ-Jolokia-远程代码执行漏洞-CVE-2022-41678.md
+++ b/Apache-ActiveMQ-Jolokia-远程代码执行漏洞-CVE-2022-41678.md
@@ -35,7 +35,7 @@ Content-Length: 136
 记住这个 `value`参数中的值,后面的poc要用到,例如现在是4
 ![](./assets/20231130233131.png)
 #### 写入payload
-![](./assets/20231130233450.png)
+
 ```
 POST /api/jolokia/ HTTP/1.1
 Host: localhost:8161
@@ -714,7 +714,7 @@ Content-Length: 136
 "]
 }
 ```
-
+![](./assets/20231130233450.png)
 ### 导出录制到web目录
 ```
 POST /api/jolokia/ HTTP/1.1
@@ -777,3 +777,10 @@ Content-Length: 159
 
 ![](./assets/20231130233835.png)
 
+## 漏洞来源
+- https://l3yx.github.io/2023/11/29/Apache-ActiveMQ-Jolokia-%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E-CVE-2022-41678-%E5%88%86%E6%9E%90/
+
+## payload
+本地搭建源码,环境配置不正确,无法调试代码,payload是搜索GitHub关键字找到的
+- https://github.com/gradle/gradle-profiler/blob/2eb14e031fbd48203fb05b28183decd1ee2304de/src/main/resources/org/gradle/profiler/jfr/openjdk.jfc#L4
+