Skip to content

mmioimm/shiro_echo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
README.md
README.md
 
 
lucky_shiro.py
lucky_shiro.py
 
 
shiro_echo.py
shiro_echo.py
 
 
shiro_echo_v3.py
shiro_echo_v3.py
 
 
shiro_echo_v4.py
shiro_echo_v4.py
 
 
shiro_echo_v5.py
shiro_echo_v5.py
 
 

Repository files navigation

shiro_echo

shiro 反序列化 回显检测

  • 六条回显利用链:CommonsBeanutils1,CommonsBeanutils2,Jdk7u21,Jdk8u20,CommonsCollectionsK1,CommonsCollectionsK2

  • 常见100key

  • 新增回显值检测,适用回显值不为rememberMe的情况

  • 修复302跳转导致的误报

  • 增加基于返回包中deleteMe个数进行判断

  • 修复name误报问题

  • 支持gcm检测模式

lucky_shiro

  • 已重构,大家若是使用请使用lucky_shiro.py

About

shiro 反序列化 回显检测

Resources

Readme
Activity

Stars

39 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages