原创:小米路由器_hookWifiConnect函数RCE漏洞

=================by 大蝉@xs3c.co===============转载请注明出处=============
漏洞描述

所有通过Wifi连入小米路由器网络的设备会触发_hookWifiConnect函数,由_hookWifiConnect调用_doPush给管理员推送设备接入消息,由于_doPush函数中未过滤payload->name导致设备名被带入系统命令执行。
继续阅读原创:小米路由器_hookWifiConnect函数RCE漏洞

How to install Java in Kali Linux

直接下JDK,里面包含Jre
http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
原装openjdk在
/usr/lib/jvm
Uncompress archive

Now you uncompress and move the whole uncompressed folder to /opt (optional) directory.

Install and register binaries

This step registers the downloaded version of Java as an alternative, and switches it to be used as the default:

Testing your installation

First of all, close your browser and re-open. You won’t believe how many users actually forgets to do this step and later complains Java ain’t working. I’d advise to bookmark this site to be able to reopen these instructions quickly, or simply copy these into a leafpad / vi / text-editor.

To check the version of Java you are now running

To check the browser plugin just click Do I have Java?

This should take you to Oracles Java website and you will see a confirmation message.