jeff 👨💻@programming.dev to Programming@programming.devEnglish · 1 year agoWhat are some examples of xkcd 2347?xkcd.comexternal-linkmessage-square98fedilinkarrow-up1201arrow-down11file-text
arrow-up1200arrow-down1external-linkWhat are some examples of xkcd 2347?xkcd.comjeff 👨💻@programming.dev to Programming@programming.devEnglish · 1 year agomessage-square98fedilinkfile-text
minus-squareJackbyDev@programming.devlinkfedilinkEnglisharrow-up6·1 year agoBasically it involved parsing JNDI stuff which involved grabbing remote code (but that was a niche feature of JNDI in the Dev’s defense). Basically, you may think it is just something like variable substitution but can involve much crazier stuff
minus-squaresillypuddy@mander.xyzlinkfedilinkEnglisharrow-up6·1 year agohttps://theconversation.com/what-is-log4j-a-cybersecurity-expert-explains-the-latest-internet-vulnerability-how-bad-it-is-and-whats-at-stake-173896
What was it?
Basically it involved parsing JNDI stuff which involved grabbing remote code (but that was a niche feature of JNDI in the Dev’s defense). Basically, you may think it is just something like variable substitution but can involve much crazier stuff
https://theconversation.com/what-is-log4j-a-cybersecurity-expert-explains-the-latest-internet-vulnerability-how-bad-it-is-and-whats-at-stake-173896
this is cool