Skip to content

Afant1/JavaSearchTools

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
JarFileReader.java
JarFileReader.java
 
 
README.md
README.md
 
 
SearchClassInJar.java
SearchClassInJar.java
 
 

Repository files navigation

JavaSearchTools 辅助人工审计,寻找java反序列化危险类的工具。

Usage:java -jar SearchClassInJar.jar Path

第一步:首先用jd-gui反编译jar包还原代码,存储路径:C:\Users\afanti\Desktop\ctf-tools\jd-gui\weblogic\

第二步:java -jar SearchClassInJar.jar C:\Users\afanti\Desktop\ctf-tools\jd-gui\weblogic\

Demo是寻找xml库和实现序列化接口的正则,可在SearchReadObject,SearchEvilPackage函数修改正则。

文章发表在安全客:https://www.anquanke.com/post/id/199703

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

61 stars

Watchers

1 watching

Forks

16 forks
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages