{"id":13841170,"url":"https://github.com/phith0n/JavaThings","last_synced_at":"2025-07-11T12:30:29.257Z","repository":{"id":40410462,"uuid":"281156996","full_name":"phith0n/JavaThings","owner":"phith0n","description":"Share Things Related to Java - Java安全漫谈笔记相关内容","archived":false,"fork":false,"pushed_at":"2024-08-12T08:40:33.000Z","size":47,"stargazers_count":1771,"open_issues_count":1,"forks_count":211,"subscribers_count":33,"default_branch":"master","last_synced_at":"2024-11-20T22:03:25.367Z","etag":null,"topics":["java","security"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/phith0n.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-07-20T15:36:57.000Z","updated_at":"2024-11-19T07:56:18.000Z","dependencies_parsed_at":"2022-07-12T18:02:00.717Z","dependency_job_id":null,"html_url":"https://github.com/phith0n/JavaThings","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phith0n%2FJavaThings","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phith0n%2FJavaThings/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phith0n%2FJavaThings/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phith0n%2FJavaThings/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/phith0n","download_url":"https://codeload.github.com/phith0n/JavaThings/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225720397,"owners_count":17513596,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","security"],"created_at":"2024-08-04T17:01:03.697Z","updated_at":"2025-07-11T12:30:29.236Z","avatar_url":"https://github.com/phith0n.png","language":"Java","readme":"# JavaThings - Java安全漫谈笔记相关\n\n《Java安全漫谈》是我在写的一点Java学习相关的随笔，不是很严谨，也不是啥高科技。这个Repository主要是记录并整理一下，附加一些代码。\n\n## Java安全漫谈目录\n\n- [Java安全漫谈 - 01.Java的动态特性——反射](https://t.zsxq.com/iyJiAMJ)\n- [Java安全漫谈 - 02.反射的简单利用](https://t.zsxq.com/iIa2B2j)\n- [Java安全漫谈 - 03.反射的几个进阶技巧](https://t.zsxq.com/MNRbayr)\n- [Java安全漫谈 - 04.RMI的通信过程分析](https://t.zsxq.com/FMJiUrV)\n- [Java安全漫谈 - 05.利用codebase攻击RMI Registry](https://t.zsxq.com/BuFy3zF)\n- [Java安全漫谈 - 06.深入理解RMI协议与序列化对象](https://t.zsxq.com/vZjaiuR)\n- [Java安全漫谈 - 07.不同语言中的反序列化漏洞](https://t.zsxq.com/NF2NfQf)\n- [Java安全漫谈 - 08.认识最简单的Gadget——URLDNS](https://t.zsxq.com/ieMZBQj)\n- [Java安全漫谈 - 09.初识CommonsCollections](https://t.zsxq.com/BmIIAy3)\n- [Java安全漫谈 - 10.用TransformedMap编写真正的POC](https://t.zsxq.com/ZNZrJMZ)\n- [Java安全漫谈 - 11.LazyMap详解](https://t.zsxq.com/FufUf2B)\n- [Java安全漫谈 - 12.简化版CommonsCollections6](https://t.zsxq.com/A2j2beE)\n- [Java安全漫谈 - 番外篇1. BCEL ClassLoader去哪了？](https://www.leavesongs.com/PENETRATION/where-is-bcel-classloader.html)\n- [Java安全漫谈 - 13.Java中动态加载字节码的那些方法](https://t.zsxq.com/E2VfUVB)\n- [Java安全漫谈 - 14.为什么需要CommonsCollections3](https://t.zsxq.com/i6Y7QN7)\n- [Java安全漫谈 - 15.TemplatesImpl在Shiro中的利用](https://t.zsxq.com/JAUBmMz)\n- [Java安全漫谈 - 16.commons-collections4与漏洞修复](https://t.zsxq.com/ZBQj2FE)\n- [Java安全漫谈 - 17.CommonsBeanutils与无commons-collections的Shiro反序列化利用](https://t.zsxq.com/IqBmuF6)\n- [Java安全漫谈 - 18.原生反序列化利用链JDK7u21](https://t.zsxq.com/neMbuJa)\n- [Java安全漫谈 - 19.Java反序列化协议构造与分析](https://t.zsxq.com/ZfiEeEY)\n\n## Demo代码\n\n字节码：\n\n- 远程字节码加载Demo：[HelloClassLoader](jdk8/src/main/java/com/govuln/bytes/HelloClassLoader.java)\n- 系统默认defineClass加载字节码Demo：[HelloDefineClass](jdk8/src/main/java/com/govuln/bytes/HelloDefineClass.java)\n- 使用TemplatesImpl加载字节码Demo：[HelloTemplatesImpl](jdk8/src/main/java/com/govuln/bytes/HelloTemplatesImpl.java)\n- 使用BCEL加载字节码Demo：[HelloBCEL](jdk8/src/main/java/com/govuln/bytes/HelloBCEL.java)\n\n反序列化：\n\n- 最简单的Transformer Demo：[CommonsCollectionsIntro.java](jdk8/src/main/java/com/govuln/deserialization/CommonsCollectionsIntro.java)\n- 我简化的[CommonsCollections6](jdk8/src/main/java/com/govuln/deserialization/CommonsCollections6.java)，更方便大家理解\n- 利用TemplatesImpl构造的Transformer Demo：[CommonsCollectionsIntro2.java](jdk8/src/main/java/com/govuln/deserialization/CommonsCollectionsIntro2.java)\n- 无InvokerTransformer的Transformer Demo：[CommonsCollectionsIntro3.java](jdk8/src/main/java/com/govuln/deserialization/CommonsCollectionsIntro3.java)\n- 我简化的[CommonsCollections3](jdk8/src/main/java/com/govuln/deserialization/CommonsCollections3.java)\n- CommonsCollections6一次执行多个命令：[CommonsCollections6Multiple](jdk8/src/main/java/com/govuln/deserialization/CommonsCollections6Multiple.java)\n- 支持commons-collections4.0版本的CommonsCollections6利用链：[CommonsCollections6For4](jdk8/src/main/java/com/govuln/deserialization/CommonsCollections6For4.java)\n- 我简化的CommonsBeanutils1利用链：[CommonsBeanutils1](jdk8/src/main/java/com/govuln/deserialization/CommonsBeanutils1.java)\n- 简化版Java原生利用链 [JDK7u21](jdk8/src/main/java/com/govuln/deserialization/JDK7u21.java)\n\nShiro反序列化：\n\n- 一个最简单的Shiro Web应用：[shirodemo](shirodemo/)\n- 使用CommonsCollections6与Shiro默认Key构造Payload：[Client0.java](shiroattack/src/main/java/com/govuln/shiroattack/Client0.java)、[CommonsCollections6.java](shiroattack/src/main/java/com/govuln/shiroattack/CommonsCollections6.java)，在Tomcat中可能会无法成功反序列化\n- 使用CommonsCollections、TemplatesImpl与Shiro默认Key构造Payload：[Client.java](shiroattack/src/main/java/com/govuln/shiroattack/Client.java)、[CommonsCollectionsShiro.java](shiroattack/src/main/java/com/govuln/shiroattack/CommonsCollectionsShiro.java)，解决上述问题\n- 使用Shiro默认自带的commons-beanutils构造的反序列化利用链：[CommonsBeanutils1Shiro.java](shiroattack/src/main/java/com/govuln/shiroattack/CommonsBeanutils1Shiro.java)\n\n自研反序列化分析工具：\n\n- zkar: \u003chttps://github.com/phith0n/zkar\u003e\n- 如何使用zkar修复SerialVersionUID不匹配的问题：\u003chttps://t.zsxq.com/Yz3B6yJ\u003e\n","funding_links":[],"categories":["Java","Java (504)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphith0n%2FJavaThings","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphith0n%2FJavaThings","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphith0n%2FJavaThings/lists"}