@@ -72,7 +72,84 @@ docker rm -f memshell-party
7272docker run --pull=always --rm -it -d -p 8080:8080 --name memshell-party reajason/memshell-party:latest
7373```
7474
75- ### 本地构建
75+ ## 适配情况
76+
77+ 已兼容 Java6 ~ Java8、Java9、Java11、Java17、Java21
78+
79+ ### 中间件以及框架
80+
81+ | Tomcat(5 ~ 11) | Jetty(6 ~ 11) | GlassFish(3 ~ 7) | Payara(5 ~ 6) |
82+ | ----------------------| ------------------------| ----------------------| ----------------------|
83+ | Servlet | Servlet | Filter | Filter |
84+ | Filter | Filter | Listener | Listener |
85+ | Listener | Listener | Valve | Valve |
86+ | Valve | ServletHandler - Agent | FilterChain - Agent | FilterChain - Agent |
87+ | FilterChain - Agent | | ContextValve - Agent | ContextValve - Agent |
88+ | ContextValve - Agent | | | |
89+
90+ | Resin(3 ~ 4) | SpringMVC | SpringWebFlux | XXL-JOB |
91+ | ---------------------| --------------------------| -----------------| --------------|
92+ | Servlet | Interceptor | WebFilter | NettyHandler |
93+ | Filter | ControllerHandler | HandlerMethod | |
94+ | Listener | FrameworkServlet - Agent | HandlerFunction | |
95+ | FilterChain - Agent | | NettyHandler | |
96+
97+ | JBossAS(4 ~ 7) | JBossEAP(6 ~ 7) | WildFly(9 ~ 30) | Undertow |
98+ | ----------------------| ----------------------------| ------------------------| ------------------------|
99+ | Filter | Filter | Servlet | Servlet |
100+ | Listener | Listener | Filter | Filter |
101+ | Valve | Valve(6) | Listener | Listener |
102+ | FilterChain - Agent | FilterChain - Agent (6) | ServletHandler - Agent | ServletHandler - Agent |
103+ | ContextValve - Agent | ContextValve - Agent (6) | | |
104+ | | ServletHandler - Agent (7) | | |
105+
106+ | WebSphere(7 ~ 9) | WebLogic (10.3.6 ~ 14) |
107+ | -----------------------| -------------------------|
108+ | Servlet | Servlet |
109+ | Filter | Filter |
110+ | Listener | Listener |
111+ | FilterManager - Agent | ServletContext - Agent |
112+
113+ | BES(9.5.x) | TongWeb(6 ~ 7) | InforSuite AS (9 ~ 10) | Apusic AS (9) |
114+ | ----------------------| ----------------------| ------------------------| ---------------|
115+ | Filter | Filter | Filter | Servlet |
116+ | Listener | Listener | Listener | Filter |
117+ | Valve | Valve | Valve | Listener |
118+ | FilterChain - Agent | FilterChain - Agent | FilterChain - Agent | |
119+ | ContextValve - Agent | ContextValve - Agent | ContextValve - Agent | |
120+
121+ ### 内存马功能
122+
123+ - [x] Godzilla 哥斯拉
124+ - [x] Behinder 冰蝎
125+ - [x] 命令执行
126+ - [x] Suo5
127+ - [x] AntSword 蚁剑
128+ - [x] Neo-reGeorg
129+ - [x] Custom
130+
131+ ### 封装方式
132+
133+ - [x] BASE64
134+ - [x] GZIP BASE64
135+ - [x] JSP
136+ - [x] JSPX
137+ - [x] JAR
138+ - [x] BCEL
139+ - [x] 内置脚本引擎、Rhino 脚本引擎
140+ - [x] EL、SpEL、OGNL、Aviator、MVEL、JEXL、Groovy、JXPath、BeanShell
141+ - [x] Velocity、Freemarker、JinJava
142+ - [x] 原生反序列化(CB4)
143+ - [x] Agent
144+ - [x] XXL-JOB Executor
145+ - [x] Hessian、Hessian2 反序列化(XSLT链)
146+ - [ ] JNDI
147+ - [ ] JDBC 连接
148+ - [ ] 其他常见反序列化
149+
150+ ## 本地构建
151+
152+ ### 源代码构建
76153
77154> 适合想编写代码的小伙伴,使用 Git Clone 下载到本地,并构建前后端项目以供使用
78155
@@ -132,15 +209,15 @@ docker run -it -d --name memshell-party -p 8080:8080 memshell-party:latest
132209``` bash
133210# 基础构建
134211docker buildx build \
135- --build-arg VERSION=1.3.1 \
212+ --build-arg VERSION=1.6.0 \
136213 -t memshell-party:latest . --load
137214
138215# 基础镜像启动,访问 127.0.0.1:8080
139216docker run -it -d -p 8080:8080 memshell-party:latest
140217
141218# 自定义访问路径构建
142219docker buildx build \
143- --build-arg VERSION=1.3.1 \
220+ --build-arg VERSION=1.6.0 \
144221 --build-arg ROUTE_ROOT_PATH=/memshell-party \
145222 --build-arg CONTEXT_PATH=/memshell-party \
146223 -t memshell-party:latest . --load
@@ -172,81 +249,6 @@ location /memshell-party {
172249}
173250```
174251
175- ## 适配情况
176-
177- 已兼容 Java6 ~ Java8、Java9、Java11、Java17、Java21
178-
179- ### 中间件以及框架
180-
181- | Tomcat(5 ~ 11) | Jetty(6 ~ 11) | GlassFish(3 ~ 7) | Payara(5 ~ 6) |
182- | ----------------------| ------------------------| ----------------------| ----------------------|
183- | Servlet | Servlet | Filter | Filter |
184- | Filter | Filter | Listener | Listener |
185- | Listener | Listener | Valve | Valve |
186- | Valve | ServletHandler - Agent | FilterChain - Agent | FilterChain - Agent |
187- | FilterChain - Agent | | ContextValve - Agent | ContextValve - Agent |
188- | ContextValve - Agent | | | |
189-
190- | Resin(3 ~ 4) | SpringMVC | SpringWebFlux | XXL-JOB |
191- | ---------------------| --------------------------| -----------------| --------------|
192- | Servlet | Interceptor | WebFilter | NettyHandler |
193- | Filter | ControllerHandler | HandlerMethod | |
194- | Listener | FrameworkServlet - Agent | HandlerFunction | |
195- | FilterChain - Agent | | NettyHandler | |
196-
197- | JBossAS(4 ~ 7) | JBossEAP(6 ~ 7) | WildFly(9 ~ 30) | Undertow |
198- | ----------------------| ----------------------------| ------------------------| ------------------------|
199- | Filter | Filter | Servlet | Servlet |
200- | Listener | Listener | Filter | Filter |
201- | Valve | Valve(6) | Listener | Listener |
202- | FilterChain - Agent | FilterChain - Agent (6) | ServletHandler - Agent | ServletHandler - Agent |
203- | ContextValve - Agent | ContextValve - Agent (6) | | |
204- | | ServletHandler - Agent (7) | | |
205-
206- | WebSphere(7 ~ 9) | WebLogic (10.3.6 ~ 14) |
207- | -----------------------| -------------------------|
208- | Servlet | Servlet |
209- | Filter | Filter |
210- | Listener | Listener |
211- | FilterManager - Agent | ServletContext - Agent |
212-
213- | BES(9.5.x) | TongWeb(6 ~ 7) | InforSuite AS (9 ~ 10) | Apusic AS (9) |
214- | ----------------------| ----------------------| ------------------------| ---------------|
215- | Filter | Filter | Filter | Servlet |
216- | Listener | Listener | Listener | Filter |
217- | Valve | Valve | Valve | Listener |
218- | FilterChain - Agent | FilterChain - Agent | FilterChain - Agent | |
219- | ContextValve - Agent | ContextValve - Agent | ContextValve - Agent | |
220-
221- ### 内存马功能
222-
223- - [x] Godzilla 哥斯拉
224- - [x] Behinder 冰蝎
225- - [x] 命令执行
226- - [x] Suo5
227- - [x] AntSword 蚁剑
228- - [x] Neo-reGeorg
229- - [x] Custom
230-
231- ### 封装方式
232-
233- - [x] BASE64
234- - [x] GZIP BASE64
235- - [x] JSP
236- - [x] JSPX
237- - [x] JAR
238- - [x] BCEL
239- - [x] 内置脚本引擎、Rhino 脚本引擎
240- - [x] EL、SpEL、OGNL、Aviator、MVEL、JEXL、Groovy、JXPath、BeanShell
241- - [x] Velocity、Freemarker、JinJava
242- - [x] 原生反序列化(CB4)
243- - [x] Agent
244- - [x] XXL-JOB Executor
245- - [x] Hessian、Hessian2 反序列化(XSLT链)
246- - [ ] JNDI
247- - [ ] JDBC 连接
248- - [ ] 其他常见反序列化
249-
250252## How
251253
2522541 . 如何使用 bytebuddy 生成类,为属性赋值,添加方法,指定位置调用方法?(** WIP** )
0 commit comments