Skip to content

基于SerializationDumper的Shiro Cookie序列化数据解密小工具

Notifications You must be signed in to change notification settings

r00tuser111/SerializationDumper-Shiro

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SerializationDumper-Shiro

ShiroCookie解密小工具,基于SerializationDumper

代码逻辑

用100key碰撞解密,再用SerializationDumper把数据dump出来

使用说明

基础用法:java -jar SerializationDumper-Shiro.jar -s shiro_cookie_base64_data

链子简单分为两种情况:

  • 非基于TemplatesImpl的链子,则直接用xxd查找关键字即可
  • 基于TemplatesImpl的链子,关注点在_bytecodes字段的代码

一、非TemplatesImpl的链子

使用cc1链的shio cookie

加密key为:wGiHplamyXlVB11UXWol8g==

image-20200815174935880

xxd 查找

image-20200815172851945

二、TemplatesImpl的链子

使用cc2链的shiro cookie

加密key为:wGiHplamyXlVB11UXWol8g==

image-20200815175241376

查看bytecodes.class

image-20200815171738935

使用tomcat回显链

image-20200815175352841

bytecodes.class

image-20200815172050382

参考

About

基于SerializationDumper的Shiro Cookie序列化数据解密小工具

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published