内存马demo
0x01 前言
内存马属于无文件落地攻击的代表
0x02 本地环境
tomcat 9.0.90
java version "1.8.0_91"
0x03 Tomcat servlet
创建项目
pom增加Java Servlet API » 4.0.1依赖
#TestServlet代码
package cn.txf7;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/test")
public class TestServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
resp.getWriter().write("hello world");
}
}增加Web模块
访问http://localhost:8080/TestServlet/test
WebSocket jsp马
https://github.com/veo/wsMemShell/blob/main/static/wsNotAddEndpoint.md
License:
杭州小单纯