OH fair enough, that's not the attack vector that I was referring to, which is a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Nursie on Dec 11, 2021 \| parent \| context \| favorite \| on: Log4j RCE Found OH fair enough, that's not the attack vector that I was referring to, which is a more simple "deserialise me to something that I can use to compromise you" message, but it's another interesting vector! Security really is hard to get right.

abhishekjha on Dec 17, 2021 [–]

>"deserialise me to something that I can use to compromise you"

Any paper/presentation that I can read? I seem to be having a hard time findin it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact