v1.3.0
Reached 1k stars. Thanks to everyone for the support.
What's new:
- [Feature] Added SerializationDumper for parsing Java serialized data, enabling custom modification of class SUIDs, etc.
- [Feature] Enabled Chains plugin development. See: https://github.com/Java-Chains/chains-plugin-demo. The frontend supports plugin reloading.
- [Feature] Added Hessian2ToStringPayload; a toString chain can be triggered via `except`.
- [Feature] The frontend now displays basic information for all Payloads and Gadgets.
- [Feature] Added CommonsBeanutils5 Gadget, suitable for cb version 1.10.
- [Feature] Added FakeMySQLReadPayload for file reading exploitation, compatible with the `fileread_/etc/passwd` format. See https://github.com/4ra1n/mysql-fake-server.
- [Feature] The Generate module now offers a URL Encoding option.
- [Feature] Added the `preTags` field in gadget annotations, which can be used to specify preceding chains.
- [Feature] Updated Class-Obf in sync to version v1.4.0.
- [Improvement] The JNDI, JRMP and similar modules now warn if the port is not open.
- [Improvement] Improved frontend icon display.
- [Improvement] Refactored backend code.
- [Bugfix] Fixed the Groovy Jar generation issue. Fastjson Groovy Jars can now be generated through OtherPayload -> GroovyJarConvert.