java安全常用脚本
c157c9744e0298d00173c08a9dbffe0ed073a56f7e3a628a68d0b68815ec97a6507baf417dacc16b537cd1ab043778f6fe3a0fee7a8ecf0eaf41b587dcbadf993402d2ef9f34332240543e7a8ac3b3d82501b35037bd785dc7624f4859b06e1a2350407c242ca926a0f3440bdc03639d3a54941d331ff415b9ec059bb101a5f7c77e9bb6d33c6ad72c62e69865353f8a06d934576aadadfea8f3880fa0b567cb92d8757353e95f4a4902b46d2e7127d8fd8ce26d1fbb8ced40d160082da85047d46f7e8c2faa96467a472d46eb94b163f664ea5aabca6863f3773d9b2051991073106a658a6ddccf9c4b8557306c5b79824621f02e7204e41 ...
RMI
RMI: 远程方法调用(Remote Method Invocation),用于不同虚拟机之间的通信,这些虚拟机可以在不同的主机上、也可以在同一个主机上;一个虚拟机中的对象调用另一个虚拟上中的对象的方法。
RMIDemo服务端组成的三个部分创建一个继承java.rmi.Remote的接口(RMIInterface),定义需要远程调用的函数(HelloWorld())
一个实现此接口的类(RemoteHelloWorld),在服务端实现接口定义的代码。
一个主类(RMIServer)用于创建Registry,绑定类示例
RMIInterface123456import java.rmi.Remote;import java.rmi.RemoteException;public interface RMIInterface extends Remote { String HelloWorld() throws RemoteException;}
RemoteHelloWorld1234567891011121314import java.rmi.RemoteEx ...
Java反序列化利用链总结
c157c9744e0298d00173c08a9dbffe0ea65dafc80564b3b775e3697c733a789f18f0b53478c609bb287f0ab40a17bea7f98e62ee84b2a097e2b49a571d4e5d091e14f1e44ef2a6502caca21973d8e900fdb88f02070fc55fac132be5451913e45a4cdab4275c05423b8843ba3d51c9e62568ac248b73244f9eb71ed52f6f8f90cd9a295c182cf697ff25f90bc6c442ab4ef317375154e40b0fb5022f34ce07c75622220a9c72f1952598781e43772d852a6bf85b512c46a4390cf50f50f8b66dadb5d4e53718467963f3a6adea9c86835a9b543043636ba271a2d421470146abac6ddcb68b9d7437c9dc33b6141d4ec74e95815205a423a88 ...
IDEA远程调试
调试Jar包1java -Xdebug -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=y -jar TestRemote.jar
出现提示:Listening for transport dt_socket at address: 5005即为成功
编辑IDEA
远程调试weblogic参考链接
设置远程调试端口
运行容器docker-compose up -d 后进入容器修改/root/Oracle/Middleware/user_projects/domains/base_domain/bin/setDomainEnv.sh
把weblogic的源码,所以我们把 weblogic的源码和jdk包都拷贝出来,注意windows下直接打包所有文件解压会有报错问题。
1tar -cvf all.tar.gz modules/ wlserver_10.3/
将modules和wlserver_10.3文件夹打包复制到宿主机
1docker cp 2a51247be16f:/root/Oracle/Midd ...
Instrument
c157c9744e0298d00173c08a9dbffe0e6e8472fd49d234548f468c8b0db21f0c1bfab5e9967bc97868378e39e285647ee48d5086422d129a3b40f85271c07fc186554cc4736755edc9105aceddaa9d66779b681c4abea4d2652b56fa9cdaac96151f8fc9856eb56fec77835af3fe7bd7de210b2ac6e1e3ab9423513600c35c49b4a752f21271f2cf3af9137690817056a6c58837f009f9ac0e685915deff2806e3c328d98d41b9835517b9932ae26ac833de4b3e5a08002db412afe257eb867b9371df00a93fefe8b3e54ff0260725ed8dc9b22b8c6061133ddb56643be86293884c3c1a71b89170805cfa19b7451ea68110f9c341bb2e59e ...
Java动态代理
c157c9744e0298d00173c08a9dbffe0ee270317bc6fc70742779e8b2b7ed684fdcc139b289121ec1c9082efdaf22d713ed433262e3d6f2fde3b4fa64c67c5045a23bec3bdafa5a30a250c2d4c90a71af651d313c76f4ba886a3c795da018ffd8c763a259e5faed015f7f4bc8f5542aecf9ac6ac274c142b57d2b69ac0138ae3c426e8f87b62fdcd9c823f6da31533bd0f61bb9fc3e3cc01ec833f24b1fdf61e5512af019ef264dc8f2c0f891b7f20340a5300e00b78338c9e45627c77e17ee7b31a5f7cda61cbc83a8b77dcc96a8176231fba4fbe175ca1bdfb794972cef5af8b8e7add6ce369f2f8a462468d94d8e1992d908a0c0b7fff4e ...