SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
MLog initialization issue: slf4j found no binding or threatened to use its (dangerously silent) NOPLogger. We consider the slf4j library not found.
log4j:WARN No appenders could be found for logger (com.mchange.v2.log.MLog).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Exception in thread "Thread-6" java.lang.NoSuchMethodError: com.sun.org.apache.xerces.internal.dom.AttrNSImpl.setValues(Lcom/sun/org/apache/xerces/internal/dom/CoreDocumentImpl;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V
at com.sma11new.exp.shiro.attack.payloads.CommonsBeanutilsAttrCompare.getObject(CommonsBeanutilsAttrCompare.java:25)
at com.sma11new.exp.shiro.attack.payloads.CommonsBeanutilsAttrCompare.getObject(CommonsBeanutilsAttrCompare.java:15)
at com.sma11new.exp.shiro.ShiroAttack.GadgetPayload(ShiroAttack.java:186)
at com.sma11new.exp.shiro.ShiroAttack.checkChain(ShiroAttack.java:82)
at com.sma11new.controller.ShiroController.lambda$checkAllChains$18(ShiroController.java:342)
at java.lang.Thread.run(Unknown Source)
Tears-of-the-sun
commented
2 months ago
java -jar Pyke-Shiro_0.3.jar
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. MLog initialization issue: slf4j found no binding or threatened to use its (dangerously silent) NOPLogger. We consider the slf4j library not found. log4j:WARN No appenders could be found for logger (com.mchange.v2.log.MLog). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. Exception in thread "Thread-6" java.lang.NoSuchMethodError: com.sun.org.apache.xerces.internal.dom.AttrNSImpl.setValues(Lcom/sun/org/apache/xerces/internal/dom/CoreDocumentImpl;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V at com.sma11new.exp.shiro.attack.payloads.CommonsBeanutilsAttrCompare.getObject(CommonsBeanutilsAttrCompare.java:25) at com.sma11new.exp.shiro.attack.payloads.CommonsBeanutilsAttrCompare.getObject(CommonsBeanutilsAttrCompare.java:15) at com.sma11new.exp.shiro.ShiroAttack.GadgetPayload(ShiroAttack.java:186) at com.sma11new.exp.shiro.ShiroAttack.checkChain(ShiroAttack.java:82) at com.sma11new.controller.ShiroController.lambda$checkAllChains$18(ShiroController.java:342) at java.lang.Thread.run(Unknown Source)
此时已确认key,cookie自定义rememberme