search

zilong3033 / fastjsonScan

fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
106 stars 73 forks source link

无回显 #5

Closed kN6jq closed 3 years ago

kN6jq commented 3 years ago

测试了vulhub的和作者给的,都是rmi的出网的,没有回显的,自己手动测试是可以回显的 image