
shiroexploit-deprecated's Issues

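JDK version:

Folks, which JDK version are you all using? I'm on 14 and trembling here.

About checking whether rememberMe is really present

The normal logic is as follows: when probing keys, a correct key does not return the rememberMe header, while a wrong key returns rememberMe=deleteMe.

However, the new version of the tool does not check the error case and directly decides "if rememberMe is not returned, the key is correct". This causes false positives.

What to do about an error when running on Linux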

root@kali:java -jar ShiroExploit.jar
错误: 找不到或无法加载主类 com.shiroexploit.gui.StartPane
原因: java.lang.NoClassDefFoundError: javafx/application/Application

Sorry to bother you, there is an error I don't understand

On Windows Server 2016, the following error is reported after running:
[+] Find Valid Gadget: CommonsCollections9
[+] Find Valid Gadget: CommonsCollections6
Exception in thread "Thread-6" java.lang.IllegalStateException: Not on FX application thread; currentThread = Thread-6
at com.sun.javafx.tk.Toolkit.checkFxUserThread(Unknown Source)
at com.sun.javafx.tk.quantum.QuantumToolkit.checkFxUserThread(Unknown Source)
at javafx.scene.Scene.addToDirtyList(Unknown Source)
at javafx.scene.Node.addToSceneDirtyList(Unknown Source)
at javafx.scene.Node.impl_markDirty(Unknown Source)
at javafx.scene.Node.notifyParentsOfInvalidatedCSS(Unknown Source)
at javafx.scene.Node.requestCssStateTransition(Unknown Source)
at javafx.scene.Node.pseudoClassStateChanged(Unknown Source)
at javafx.scene.Node$10.invalidated(Unknown Source)
at javafx.beans.property.BooleanPropertyBase.markInvalid(Unknown Source)
at javafx.beans.property.BooleanPropertyBase.set(Unknown Source)
at javafx.scene.Node.setDisabled(Unknown Source)
at javafx.scene.Node.updateDisabled(Unknown Source)
at javafx.scene.Node.access$500(Unknown Source)
at javafx.scene.Node$MiscProperties$8.invalidated(Unknown Source)
at javafx.beans.property.BooleanPropertyBase.markInvalid(Unknown Source)
at javafx.beans.property.BooleanPropertyBase.set(Unknown Source)
at javafx.scene.Node.setDisable(Unknown Source)
at com.shiroexploit.gui.MainPane$9.run(MainPane.java:458)
at java.lang.Thread.run(Unknown Source)

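Hoping for an answer, thanks.

Suggestion: add customization of the dns-log

Suggestion: add customization of the dns-log
Many security devices now blacklist dnslog.cn and ceye.io, so please add a custom dnslog domain option; that way it can misreport. I think this is very important. With this customization feature the tool would be perfect~~~

Suggestion: add a JRMP delay

I suggest that when the JRMP request is made, the tool output the response time for the key. When the target machine has no outbound network access, this can be used to judge whether deserialization succeeded, that is, to use the JRMP delay to determine that the target is vulnerable.
(You are really impressive.)
One more question: is your shell-writing function written into ysoserial?

Two suggestions

First:
Looking forward to the gadget from wyzxxz being added
Reference: https://github.com/wyzxxz/shiro_rce

Second:
In my extensive testing I found that when your program is given only a URL to probe, many targets that actually have the vulnerability go undetected
Suggestion: provide a configuration file or an input box so that users can hand the original request captured by Burp to the program for probing

Third: for keys, I suggest not hard-coding them, so that we can add keys we have collected ourselves in our everyday testing
Looking forward to your reply

Vulnerability not detected

Manual testing shows the vulnerability exists, and the JRMP communication was received, but the tool does not work....
You can add me on WeChat; same ID as on Git

Key ordering problem

When fuzzing, the program does not try the keys read from keys.conf in the order they appear in keys.conf; I suggest reading them line by line
Advantage: makes it easy to order keys in keys.conf as needed, with higher-priority keys first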

Exception running application com.shiroexploit.gui.StartPane

Environment:
macos m1
zulu-11.jdk
javafx 11.0.2 mac x64

java --module-path $PATH_TO_FX --add-modules javafx.controls -jar ShiroExploit.jar
Exception in Application start method
Exception in thread "JavaFX Application Thread" java.lang.NoClassDefFoundError: com/sun/javafx/scene/control/skin/BehaviorSkinBase
	at org.controlsfx.control.CheckComboBox.createDefaultSkin(CheckComboBox.java:304)
	at javafx.controls/javafx.scene.control.Control.doProcessCSS(Control.java:897)
	at javafx.controls/javafx.scene.control.Control$1.doProcessCSS(Control.java:89)
	at javafx.controls/com.sun.javafx.scene.control.ControlHelper.processCSSImpl(ControlHelper.java:67)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9456)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Scene.doCSSPass(Scene.java:569)
	at javafx.graphics/javafx.scene.Scene$ScenePulseListener.pulse(Scene.java:2474)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.lambda$runPulse$2(Toolkit.java:414)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.runPulse(Toolkit.java:413)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.firePulse(Toolkit.java:440)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulse(QuantumToolkit.java:564)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulse(QuantumToolkit.java:544)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulseFromQueue(QuantumToolkit.java:537)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.lambda$runToolkit$11(QuantumToolkit.java:343)
	at javafx.graphics/com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:96)
Exception in thread "JavaFX Application Thread" java.lang.NoClassDefFoundError: com/sun/javafx/scene/control/skin/BehaviorSkinBase
	at org.controlsfx.control.CheckComboBox.createDefaultSkin(CheckComboBox.java:304)
	at javafx.controls/javafx.scene.control.Control.doProcessCSS(Control.java:897)
	at javafx.controls/javafx.scene.control.Control$1.doProcessCSS(Control.java:89)
	at javafx.controls/com.sun.javafx.scene.control.ControlHelper.processCSSImpl(ControlHelper.java:67)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9456)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9449)
	at javafx.graphics/javafx.scene.Scene.doCSSPass(Scene.java:569)
	at javafx.graphics/javafx.scene.Scene$ScenePulseListener.pulse(Scene.java:2474)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.lambda$runPulse$2(Toolkit.java:414)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.runPulse(Toolkit.java:413)
	at javafx.graphics/com.sun.javafx.tk.Toolkit.firePulse(Toolkit.java:440)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulse(QuantumToolkit.java:564)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulse(QuantumToolkit.java:544)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.pulseFromQueue(QuantumToolkit.java:537)
	at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.lambda$runToolkit$11(QuantumToolkit.java:343)
	at javafx.graphics/com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:96)
java.lang.reflect.InvocationTargetException
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at javafx.graphics/com.sun.javafx.application.LauncherImpl.launchApplicationWithArgs(LauncherImpl.java:464)
	at javafx.graphics/com.sun.javafx.application.LauncherImpl.launchApplication(LauncherImpl.java:363)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at java.base/sun.launcher.LauncherHelper$FXHelper.main(LauncherHelper.java:1051)
Caused by: java.lang.RuntimeException: Exception in Application start method
	at javafx.graphics/com.sun.javafx.application.LauncherImpl.launchApplication1(LauncherImpl.java:900)
	at javafx.graphics/com.sun.javafx.application.LauncherImpl.lambda$launchApplication$2(LauncherImpl.java:195)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.NoClassDefFoundError: com/sun/javafx/scene/control/skin/BehaviorSkinBase
	at java.base/java.lang.ClassLoader.defineClass1(Native Method)
	at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
	at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
	at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:800)
	at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:698)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:621)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:579)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
	at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
	at org.controlsfx.control.CheckComboBox.createDefaultSkin(CheckComboBox.java:304)
	at javafx.controls/javafx.scene.control.Control.doProcessCSS(Control.java:897)
	at javafx.controls/javafx.scene.control.Control$1.doProcessCSS(Control.java:89)
	at javafx.controls/com.sun.javafx.scene.control.ControlHelper.processCSSImpl(ControlHelper.java:67)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Parent.doProcessCSS(Parent.java:1400)
	at javafx.graphics/javafx.scene.Parent$1.doProcessCSS(Parent.java:125)
	at javafx.graphics/com.sun.javafx.scene.ParentHelper.processCSSImpl(ParentHelper.java:98)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Parent.doProcessCSS(Parent.java:1400)
	at javafx.graphics/javafx.scene.Parent$1.doProcessCSS(Parent.java:125)
	at javafx.graphics/com.sun.javafx.scene.ParentHelper.processCSSImpl(ParentHelper.java:98)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Parent.doProcessCSS(Parent.java:1400)
	at javafx.graphics/javafx.scene.Parent$1.doProcessCSS(Parent.java:125)
	at javafx.graphics/com.sun.javafx.scene.ParentHelper.processCSSImpl(ParentHelper.java:98)
	at javafx.graphics/com.sun.javafx.scene.NodeHelper.processCSS(NodeHelper.java:146)
	at javafx.graphics/javafx.scene.Node.processCSS(Node.java:9456)
	at javafx.graphics/javafx.scene.Scene.doCSSPass(Scene.java:569)
	at javafx.graphics/javafx.scene.Scene.preferredSize(Scene.java:1750)
	at javafx.graphics/javafx.scene.Scene$2.preferredSize(Scene.java:393)
	at javafx.graphics/com.sun.javafx.scene.SceneHelper.preferredSize(SceneHelper.java:66)
	at javafx.graphics/javafx.stage.Window$12.invalidated(Window.java:1111)
	at javafx.base/javafx.beans.property.BooleanPropertyBase.markInvalid(BooleanPropertyBase.java:110)
	at javafx.base/javafx.beans.property.BooleanPropertyBase.set(BooleanPropertyBase.java:145)
	at javafx.graphics/javafx.stage.Window.setShowing(Window.java:1187)
	at javafx.graphics/javafx.stage.Window.show(Window.java:1202)
	at javafx.graphics/javafx.stage.Stage.show(Stage.java:273)
	at com.shiroexploit.gui.StartPane.start(StartPane.java:64)
	at javafx.graphics/com.sun.javafx.application.LauncherImpl.lambda$launchApplication1$9(LauncherImpl.java:846)
	at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runAndWait$12(PlatformImpl.java:474)
	at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$10(PlatformImpl.java:447)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$11(PlatformImpl.java:446)
	at javafx.graphics/com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:96)
Caused by: java.lang.ClassNotFoundException: com.sun.javafx.scene.control.skin.BehaviorSkinBase
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:581)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
	at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
	... 44 more
Exception running application com.shiroexploit.gui.StartPane

Shiro550VerifiertWithJRMP problem

In Shiro550VerifiertWithJRMP mode the key found by fuzzing is wrong; it should have been a different key. I don't know why the program reports a wrong key

原因: java.lang.NoClassDefFoundError: javafx/application/Application

Hi friend, running it directly in my Java environment always gives this error. Does this need some configuration?
java -jar ShiroExploit-v2.0.jar
错误: 找不到或无法加载主类 com.MainApp
原因: java.lang.NoClassDefFoundError: javafx/application/Application

java -version
java version "15.0.1" 2020-10-20
Java(TM) SE Runtime Environment (build 15.0.1+9-18)
Java HotSpot(TM) 64-Bit Server VM (build 15.0.1+9-18, mixed mode, sharing)

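I searched online without much result. It looks like a javafx library or something similar is missing, but I have never heard of the Java runtime needing that. I put the library into the corresponding directory of the Java installation, and it still fails after running.

Shiro550VerifiertUsingDNSLog occasionally throws an error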

Exception in thread "Thread-8" java.lang.NullPointerException
at com.shiroexploit.vulnverifier.Shiro550VerifiertUsingDNSLog.getValidGadget(Shiro550VerifiertUsingDNSLog.java:42)
at com.shiroexploit.gui.MainPane$6.run(MainPane.java:361)
at java.lang.Thread.run(Thread.java:748)

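Something improper in the 721 brute force; could it be fixed?

It tries the gadgets one by one, brute-forcing a different rememberMe for each; every one takes from nearly a hundred to several hundred blocks, and it doesn't stop. If the first gadget yields a rememberMe, could it stop there, so that command execution can begin?

Error during shiro721 brute force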

[*] After RoundTask: 850504030201
[*] After RoundTask: 07850504030201
[*] After RoundTask: 0807850504030201
[*] After RoundTask: 090807850504030201
[*] After RoundTask: 0a090807850504030201
[*] After RoundTask: 0b0a090807850504030201
[*] After RoundTask: 880b0a090807850504030201
[*] After RoundTask: 0d880b0a090807850504030201
[*] After RoundTask: 0e0d880b0a090807850504030201
[*] After RoundTask: 0f0e0d880b0a090807850504030201
[*] After RoundTask: 100f0e0d880b0a090807850504030201
[+] Get intermediary: 100f0e0d880b0a090807850504030201
[+] Get cipherText: 7e7b6760ed0c0a0309078f6261775074
[*] Calulating block 44
[*] After RoundTask: 01
[*] After RoundTask: 0201
[*] After RoundTask: 030201
[*] After RoundTask: 04030201
[*] After RoundTask: 0504030201
[*] After RoundTask: 060504030201
[*] After RoundTask: 07060504030201
[*] After RoundTask: 6d07060504030201
Exception in thread "Thread-6" java.util.concurrent.RejectedExecutionException: Task com.shiroexploit.core.RoundTask$1@36fa4687 rejected from java.util.concurrent.ThreadPoolExecutor@4b2f7758[Terminated, pool size = 0, active threads = 0, queued tasks = 0, completed tasks = 1]
at java.util.concurrent.ThreadPoolExecutor$AbortPolicy.rejectedExecution(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.reject(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.execute(Unknown Source)
at com.shiroexploit.core.RoundTask.start(RoundTask.java:42)
at com.shiroexploit.core.PaddingOracle.getIntermediary(PaddingOracle.java:22)
at com.shiroexploit.core.PaddingOracle.encrypt(PaddingOracle.java:82)
at com.shiroexploit.vulnverifier.Shiro721VerifiertUsingCeye.getValidGadget(Shiro721VerifiertUsingCeye.java:36)
at com.shiroexploit.gui.MainPane$6.run(MainPane.java:372)
at java.lang.Thread.run(Unknown Source)

Test environment: https://hub.docker.com/r/vulfocus/shiro-721

Error during 721 brute force

[*] After RoundTask: 31ddad78
org.apache.commons.codec.DecoderException: Odd number of characters.
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:99)
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:80)
at com.shiroexploit.util.Tools.generatePayload(Tools.java:69)
at com.shiroexploit.core.RoundTask$1.run(RoundTask.java:53)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
[*] After RoundTask: 1531ddad78
org.apache.commons.codec.DecoderException: Odd number of characters.
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:99)
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:80)
at com.shiroexploit.util.Tools.generatePayload(Tools.java:69)
at com.shiroexploit.core.RoundTask$1.run(RoundTask.java:53)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
[*] After RoundTask: 161531ddad78
[*] After RoundTask: 4f161531ddad78
[*] After RoundTask: 0c4f161531ddad78
[*] After RoundTask: 090c4f161531ddad78
[*] After RoundTask: 0b090c4f161531ddad78
[*] After RoundTask: 030b090c4f161531ddad78
org.apache.commons.codec.DecoderException: Odd number of characters.
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:99)
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:80)
at com.shiroexploit.util.Tools.generatePayload(Tools.java:69)
at com.shiroexploit.core.RoundTask$1.run(RoundTask.java:53)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
[*] After RoundTask: 1c030b090c4f161531ddad78
org.apache.commons.codec.DecoderException: Odd number of characters.
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:99)
at org.apache.commons.codec.binary.Hex.decodeHex(Hex.java:80)
at com.shiroexploit.util.Tools.generatePayload(Tools.java:69)
at com.shiroexploit.core.RoundTask$1.run(RoundTask.java:53)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

Ran into [invalid type code: CA] when using the Jetty echo

Has anyone run into this?

2020-10-26 18:39:31,406 DEBUG [org.apache.shiro.mgt.AbstractRememberMeManager]: There was a failure while trying to retrieve remembered principals.  This could be due to a configuration problem or corrupted principals.  This could also be due to a recently changed encryption key.  The remembered identity will be forgotten and not used for this request.
org.apache.shiro.io.SerializationException: Unable to deserialze argument byte array.
	at org.apache.shiro.io.DefaultSerializer.deserialize(DefaultSerializer.java:82)
	at org.apache.shiro.mgt.AbstractRememberMeManager.deserialize(AbstractRememberMeManager.java:516)
	at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:433)
	at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:398)
	at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604)
	at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492)
	at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342)
	at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
	at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:583)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:513)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
	at org.eclipse.jetty.server.Server.handle(Server.java:539)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
	at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
	at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.StreamCorruptedException: invalid type code: CA
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1601)
	at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1950)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
	at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1950)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
	at java.io.ObjectInputStream.access$800(ObjectInputStream.java:214)
	at java.io.ObjectInputStream$GetFieldImpl.readFields(ObjectInputStream.java:2452)
	at java.io.ObjectInputStream.readFields(ObjectInputStream.java:601)
	at com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl.readObject(TemplatesImpl.java:253)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1170)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2178)
	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2069)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573)
	at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2287)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2167)
	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2069)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573)
	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:431)
	at java.util.HashMap.readObject(HashMap.java:1412)
	at sun.reflect.GeneratedMethodAccessor18.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1170)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2178)
	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2069)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573)
	at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2287)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2167)
	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2069)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573)
	at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2287)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2167)
	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2069)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1573)
	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:431)
	at org.apache.shiro.io.DefaultSerializer.deserialize(DefaultSerializer.java:77)
	... 36 more

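HTTPS problem

Could you share some contact details so that I can provide a test case? HTTPS still has problems

Always get a 404 when getting the Webshell

Hello, when using your tool to try to get a Webshell, the tool reports that it was written successfully, but I always get a 404 when accessing it. I suspect the Webshell was not actually written.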
shell.jsp has also been placed in the config directory
