Skip to content
/ shiro-check Public

Shiro反序列化回显利用、内存shell、检查 Burp插件

215 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bigsizeme/shiro-check

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.settings
.settings
 
 
img
img
 
 
src/main/java/burp
src/main/java/burp
 
 
.classpath
.classpath
 
 
.project
.project
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

shiro-check

3.0增加了几种回显payload,增加了基于Filter(需要对冰蝎客户端pageContext进行改造)和servlet(部分环境需要把参数据进行URL转码)内存冰蝎的支持。(release提供下载)

2.0增加了回显,及100keys,20keys扫描选项, 利用了burp内置的 dnslog api(Collaborator) 基于ysoserial的Gadgets URLDNS进行DNS查询验证此漏洞! #release中提供下载 Alt text Alt text

Alt text

About

Shiro反序列化回显利用、内存shell、检查 Burp插件

Resources

Readme
Activity

Stars

215 stars

Watchers

5 watching

Forks

18 forks
Report repository

Releases 2

shirocheck 3.0 Latest
Mar 15, 2021
+ 1 release

Packages

No packages published

Languages