File tree Expand file tree Collapse file tree 2 files changed +10
-2
lines changed
Expand file tree Collapse file tree 2 files changed +10
-2
lines changed Original file line number Diff line number Diff line change 2020
2121## 分类
2222
23- 当前问题总数:80
23+ 当前问题总数:81
2424
2525[ Java本身的安全问题 - 16个] ( https://github.com/4ra1n/JavaSecInterview/tree/master/java )
2626
3232
3333[ Spring框架相关的安全问题 - 16个] ( https://github.com/4ra1n/JavaSecInterview/tree/master/spring )
3434
35- [ 内存马专题 - 10个 ] ( https://github.com/4ra1n/JavaSecInterview/tree/master/memshell )
35+ [ 内存马专题 - 11个 ] ( https://github.com/4ra1n/JavaSecInterview/tree/master/memshell )
3636
3737[ 反序列化CC链专题 - 8个] ( https://github.com/4ra1n/JavaSecInterview/tree/master/cc )
3838
Original file line number Diff line number Diff line change @@ -83,6 +83,14 @@ Java Agent内存马:这种方式不仅限于`Tomcat`或`Spring`
8383
8484
8585
86+ ### 查到Java Agent内存马那么应该如何杀(★★)
87+
88+ 这个比较简单,用` Agent ` 把查到的类对应的方法改成原始的字节码即可
89+
90+ 获取原始字节码也不难,从本地或标准库中查找,然后利用` Javassist ` 修改
91+
92+
93+
8694### 如果有一个陌生的框架你如何挖内存马(★★★)
8795
8896核心是找到类似` Tomcat ` 和` Spring ` 中的` Context ` 对象,然后尝试从其中获取` request ` 和` response ` 对象以实现内存马的功能。
You can’t perform that action at this time.
0 commit comments