[Y4-00005] Set BeanFactory Blacklist for ObjectFactory
4ra1n opened this issue · 0 comments
4ra1n commented
Set up an ObjectFactory blacklist for Tomcat's BeanFactory to prevent malicious exploitation. Although newer Java versions have fixed most JNDI vulnerabilities, there are two widely used bypasses that still work on these versions: one goes through deserialization, the other uses Apache Tomcat's BeanFactory together with the ELProcessor class for malicious purposes. It is therefore necessary to add them to a blacklist.
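The check the issue asks for, as an added example that is not part of the project's code or the author's comment. It inspects a `javax.naming.Reference` before it would be handed to `NamingManager.getObjectInstance()` and rejects the combination described above (factory `org.apache.naming.factory.BeanFactory`, bean class `ELProcessor`, and the `forceString` address older Tomcat BeanFactory versions honoured). The class name `ObjectFactoryDenyList`, the method names, and the two sample References are assumptions made for the example; only the blocked class names come from the issue.

```java
import java.util.Enumeration;
import java.util.Set;
import javax.naming.NamingException;
import javax.naming.RefAddr;
import javax.naming.Reference;
import javax.naming.StringRefAddr;

/**
 * Example deny-list for JNDI References (hypothetical class, not the project's code).
 * Call denyReason()/checkOrThrow() on any Reference obtained from an untrusted
 * naming service before NamingManager.getObjectInstance() is allowed to run.
 */
public final class ObjectFactoryDenyList {

    // ObjectFactory implementations that must never be resolved from an untrusted Reference.
    private static final Set<String> DENIED_FACTORIES = Set.of(
            "org.apache.naming.factory.BeanFactory");

    // Bean classes that BeanFactory is abused with (javax and jakarta EL namespaces).
    private static final Set<String> DENIED_BEAN_CLASSES = Set.of(
            "javax.el.ELProcessor",
            "jakarta.el.ELProcessor");

    private ObjectFactoryDenyList() {}

    /** Returns why the Reference must be rejected, or null if it may proceed. */
    public static String denyReason(Reference ref) {
        String factory = ref.getFactoryClassName();
        if (factory != null && DENIED_FACTORIES.contains(factory)) {
            return "denied ObjectFactory: " + factory;
        }
        String bean = ref.getClassName();
        if (bean != null && DENIED_BEAN_CLASSES.contains(bean)) {
            return "denied bean class: " + bean;
        }
        // Older Tomcat BeanFactory versions honoured a "forceString" RefAddr that lets the
        // Reference name an arbitrary single-String-argument method as a "setter"
        // (for ELProcessor that is eval). Any Reference carrying it is treated as hostile.
        for (Enumeration<RefAddr> e = ref.getAll(); e.hasMoreElements();) {
            if ("forceString".equalsIgnoreCase(e.nextElement().getType())) {
                return "denied RefAddr: forceString";
            }
        }
        return null;
    }

    /** Guard to run in place of a bare NamingManager.getObjectInstance(). */
    public static void checkOrThrow(Reference ref) throws NamingException {
        String reason = denyReason(ref);
        if (reason != null) {
            throw new NamingException("JNDI Reference rejected: " + reason);
        }
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample mirroring the shape of the BeanFactory + ELProcessor Reference;
        // a harmless EL expression stands in for whatever an attacker would supply.
        Reference hostile = new Reference("javax.el.ELProcessor",
                "org.apache.naming.factory.BeanFactory", null);
        hostile.add(new StringRefAddr("forceString", "x=eval"));
        hostile.add(new StringRefAddr("x", "1 + 1"));

        // Constructed sample of an ordinary DataSource Reference that must still be allowed.
        Reference benign = new Reference("javax.sql.DataSource",
                "org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory", null);
        benign.add(new StringRefAddr("url", "jdbc:h2:mem:test"));

        System.out.println("hostile -> " + denyReason(hostile));
        System.out.println("benign  -> " + denyReason(benign));
        checkOrThrow(benign);   // passes
        checkOrThrow(hostile);  // throws NamingException
    }
}
```

The reason a local blacklist is needed at all: the JDK hardening in 8u191 / 11.0.1 (`com.sun.jndi.ldap.object.trustURLCodebase=false` by default) only stops factory classes from being loaded from a remote codebase. A Reference that names a factory already on the application's classpath, such as Tomcat's own `BeanFactory`, is still instantiated locally, so the factory and bean class names have to be checked before the Reference is resolved. Matching `forceString` as well catches the same technique even if a different bean class is substituted for `ELProcessor`.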