Re: How to Prevent Dynamic Code manipulation via Java Attach API for Tomcat

2024-08-26 Thread Christopher Schultz
Bhavesh, On 8/15/24 14:49, Bhavesh Mistry wrote: I recently came to know that with the Java Attach API, anyone with access can attach to a local process and manipulate Java bytecode. For example, password harvesting is attached to the Filter Chain. https://github.com/rebeyond/memShell What I foun

Re: How to Prevent Dynamic Code manipulation via Java Attach API for Tomcat

2024-08-15 Thread George Sexton
There's just so many bad practices here... First, a production machine should not have debugging enabled. Problem solved. Second, a development machine with debugging enabled should not be exposed to the internet. Problem solved. Next, someone would have to gain access to the machine to do

How to Prevent Dynamic Code manipulation via Java Attach API for Tomcat

2024-08-15 Thread Bhavesh Mistry
Hello Tomcat Users and Development Team, I recently came to know that with the Java Attach API, anyone with access can attach to a local process and manipulate Java bytecode. For example, password harvesting is attached to the Filter Chain. https://github.com/rebeyond/memShell What I found is to ru