Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mmioimm/shiro_echo

shiro 反序列化回显检测
https://github.com/mmioimm/shiro_echo

Last synced: 3 months ago
JSON representation

shiro 反序列化回显检测

Host: GitHub
URL: https://github.com/mmioimm/shiro_echo
Owner: mmioimm
Created: 2020-08-17T03:51:38.000Z (about 4 years ago)
Default Branch: master
Last Pushed: 2021-07-05T13:14:32.000Z (over 3 years ago)
Last Synced: 2024-06-06T23:40:02.560Z (5 months ago)
Language: Python
Size: 120 KB
Stars: 39
Watchers: 1
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - mmioimm/shiro_echo - shiro 反序列化回显检测 (Python)

README

# shiro_echo
shiro 反序列化回显检测
- 六条回显利用链：CommonsBeanutils1，CommonsBeanutils2，Jdk7u21，Jdk8u20，CommonsCollectionsK1，CommonsCollectionsK2
- 常见100key
- 新增回显值检测,适用回显值不为rememberMe的情况

- 修复302跳转导致的误报

- 增加基于返回包中deleteMe个数进行判断
- 修复name误报问题
- 支持gcm检测模式

# lucky_shiro

- 已重构，大家若是使用请使用lucky_shiro.py