生成payload报 javassist/NotFoundException错误。

[XTeam-Wing]

jdk8 是因为依赖的问题吗 execution deserial} scan start... ------ [x] java.lang.NoClassDefFoundError: javassist/NotFoundException at me.gv7.woodpecker.plugin.pocs.CasPoc.doVerify(CasPoc.java:14) at me.gv7.woodpecker.t.IIiIIiiIIiI.doInBackground(x:171) at javax.swing.SwingWorker$1.call(SwingWorker.java:295) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at javax.swing.SwingWorker.run(SwingWorker.java:334)

[Ppsoft1991]

首先确认是否下载了cas反序列化插件的最新依赖 woodpecker-requests https://github.com/woodpecker-framework/woodpecker-requests ysoserial-for-woodpecker https://github.com/woodpecker-framework/ysoserial-for-woodpecker 保存在common文件夹中

ysoserial-for-woodpecker的使用和正常的yso有点不同，功能会更多，

比如

gadget=CommonsCollections4 command=sleep:10

也可以直接在目标运行class(配合一些回显的class，或者打内存马class)

gadget=CommonsCollections4 command=class_file:/tmp/example.class

例子可以参考注释 88-99行 https://github.com/woodpecker-framework/ysoserial-for-woodpecker/blob/master/src/main/java/me/gv7/woodpecker/yso/payloads/CommonsCollections6.java

[XTeam-Wing]

用的最新版本的yso,会提示这个 [>] ------ Target: {http://10.1.1.1:49258/cas/login} Vul: {Apereo cas execution deserial} scan start... ------ [x] java.lang.NoClassDefFoundError: ys/payloads/ObjectPayload$Utils at me.gv7.woodpecker.plugin.CasCommonUtils.generate(CasCommonUtils.java:58) at me.gv7.woodpecker.plugin.pocs.CasPoc.doVerify(CasPoc.java:17) at me.gv7.woodpecker.t.IIiIIiiIIiI.doInBackground(x:171) at javax.swing.SwingWorker$1.call(SwingWorker.java:295) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at javax.swing.SwingWorker.run(SwingWorker.java:334)

我自己调试下看看

[c0ny1]

@RedTeamWing 从你的报错看,是用了比较老的cas插件。不知道你用的是那个版本，推荐下载最新的。

[XTeam-Wing]

ok