Welcome to H2, the Java SQL database. 
The main features of H2 are:
- Very fast, open source, JDBC API
- Embedded and server modes; disk-based or in-memory databases
- Transaction support, multi-version concurrency
- Browser based Console application
- Encrypted databases
- Fulltext search
- Pure Java with small footprint: around 2.5 MB jar file size
- ODBC driver
More information: https://h2database.com
Downloads
Download latest version or add to pom.xml:
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.4.200</version>
</dependency>
Documentation
Support
- Issue tracker for bug reports and feature requests
- Mailing list / forum for questions about H2
- 'h2' tag on Stack Overflow for other questions (Hibernate with H2 etc.)
-
前言 在上两周的授权渗透中,对某个ZF单位做了一次内网的渗透测试,本来以为很困难,想着挖几个弱口令就算了,凑够几个高危就收工,没想到过程是如此的顺利,挖了20多个高危我醉了,ZF的内网做得那么稀烂,如果外网打进来刷分是真的美滋滋。那么多个漏洞,我今天就挑一个比较有意思的来记录��一下,是很少见的H2Database Console的RCE。后面rdp连接的过程有点小困难,但是完全不慌。 简述一下主
-
H2 Database 依赖说明:提供支持 JDBC API 和 R2DBC 访问的快速内存数据库,占用空间小(2MB)。支持嵌入式和服务器模式以及基于浏览器的控制台应用程序。 H2 Database是一个开源的嵌入式数据库引擎,采用java语言编写,不受平台的限制,同时H2 Database提供了一个十分方便的web控制台用于操作和管理数据库内容。H2 Datab
-
restart h2 database query RCE复现 漏洞环境: https://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-h2-database-rce IDEA 打开配置一个 Spring Boot 程序即可 漏洞复现: 访问 /actuator/env 接口修改 spring
-
h2 database console JNDI RCE复现 漏洞环境: https://github.com/LandGrey/SpringBootVulExploit/tree/master/repository/springboot-h2-database-rce 漏洞复现: 访问 /h2-console 接口,目标会跳转到 /h2-console/login.do,这有一个可以连接 JDB