Coder Social home page Coder Social logo

ascii-jar's Introduction

0x01 简介

该项目是为了解决RWCTF 4th Desperate Cat,基于ascii-zip进行修改,生成字节均在ASCII范围的特殊jar。

1.1 生成包含class的ascii jar

➜ ascii-jar python3 ascii-jar-1.py
[-] CRC:False RDL:False CDL:True CDAFL:False Padding data: 1*A
[-] CRC:False RDL:False CDL:True CDAFL:False Padding data: 2*A
[-] CRC:False RDL:False CDL:True CDAFL:False Padding data: 3*A
......
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 247*A
[+] CRC:True RDL:True CDL:True CDAFL:True Padding data: 248*A
[+] Generate ascii01.jar success

1.2 生成包含META-INF/resources/的ascii jar

➜  ascii-jar python3 ascii-jar-2.py
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 1*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 2*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 3*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 4*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 5*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 6*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 7*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 8*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 9*A
[-] CRC:False RDL:True CDL:False CDAFL:True Padding data: 10*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 11*A
[-] CRC:False RDL:True CDL:True CDAFL:True Padding data: 12*A
[+] CRC:True RDL:True CDL:True CDAFL:True Padding data: 13*A
[+] Generate ascii02.jar success

0x02 改进

尽管得到了第一次padding之后满足条件的ascii jar,但是经过第二次padding前后脏字符,可能会出现最终的jar包不是ascii jar,所以要多加一层判断,对于第二次padding前后脏字符生成的jar也需要判断是否为ascii jar。

由于不同的java代码和jsp代码可能会有不同的padding效果,有些甚至需要padding 1w*A才能最终生成ascii jar,所以笔者经过收集测试,在项目中准备了一些开箱即用的ascii jar,都只需padding < 1k*A

  • eviljsp:
    • shell.jsp:执行命令
    • behinder1.jsp:冰蝎jsp
    • behinder2.jsp:冰蝎jsp
    • Todo:整合内存马jsp
  • evilclass
    • Exploit.java:简单执行命令
    • Todo:整合注入内存马
  • eviljsp-jar/evilclass-jar:对应上面两个目录,有开箱即用的ascii jar,文件名为[填充A的个数]-[filename].jar

0x03 更多

ascii-jar's People

Contributors

c0ny1 avatar diggid4ever avatar

Stargazers

avatar

Forkers

ufo888999

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.