|
2 | 2 |
|
3 | 3 | What's new: |
4 | 4 |
|
5 | | -- [Function] Support internationalization, the page supports English switching, and the language can be switched in the upper right corner after landing on the page@Ar3h |
6 | | -- [Function] Added 'OneForAllEcho' Gadget, which is a bytecode type, which can realize one-click echo @4ra1n in Tomcat, WebLogic, Jetty, and Spring environments |
7 | | -- [Feature] Added 'XMLDecoder' Payload to generate @4ra1n |
8 | | -- [New Chain] Added HutoolJndiDSFactory, hutoolSimpleDSFactory, and hutoolPooledDSFactory three hutool-related Getter chain @unam4 |
9 | | -- [Improve] Java deserialization supports full UTF8 overlong (see PPPYSO project) @Ar3h |
10 | | -- [Optimization] Optimized the prompt of the front-end Gadget option, the front-end uses cyan to remind that Gadget is not applicable to some situations, you need to read the detailed description and judge the @Ar3h by yourself |
11 | | -- [Optimization] Add cache to the front-end to reduce the number of requests and improve the speed @Ar3h |
12 | | -- [Improve] Split out the DNSLogWithInfo chain, which is specially used to echo the gadget chain information through DNSLog, which is convenient for judging the available chain @Ar3h in the stud chain |
| 5 | +- [Function] Support internationalization, the page supports English switching, and the language can be switched in the |
| 6 | + upper right corner after landing on the page @Ar3h |
| 7 | +- [Feature] Added 'OneForAllEcho' Gadget, which is a bytecode type, which can realize one-click echo in Tomcat, |
| 8 | + WebLogic, Jetty, and Spring environments @4ra1n |
| 9 | +- [Function] Added 'XMLDecoder' Payload generation @4ra1n |
| 10 | +- [New Chain] Added three Getter chains: HutoolJndiDSFactory、hutoolSimpleDSFactory、hutoolPooledDSFactory @unam4 |
| 11 | +- [Improve] Java deserialization support for full UTF8 overlong (see PPPYSO project) @Ar3h |
| 12 | +- [Optimization] Optimized the prompt of the front-end Gadget option, the front-end uses cyan to remind that Gadget is |
| 13 | + not applicable to some situations, and you need to read the detailed description and make your own judgment @Ar3h |
| 14 | +- [Improve] Split out the DNSLogWithInfo chain, which is specially used to echo the gadget chain information through |
| 15 | + DNSLog, which is convenient for judging the available chain in the stud chain @Ar3h |
| 16 | +- [Improve] Add cache to the front-end to reduce the number of requests and improve the speed @Ar3h |
13 | 17 | - [BUG] Fixed the serious bug that DNSLog and DNSLogAndHttp could not be used normally |
14 | 18 |
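Review bot: In the added [New Chain] entry the three chain names are joined with full-width '、' separators ("HutoolJndiDSFactory、hutoolSimpleDSFactory、hutoolPooledDSFactory"), while the rest of the file is English with ASCII punctuation; use ", " there. The leading-letter casing also differs between the first name and the other two, so check it against the actual chain identifiers. The category tags move without a visible reason: 'OneForAllEcho' goes from [Function] to [Feature], 'XMLDecoder' from [Feature] to [Function], and the front-end cache entry from [Optimization] to [Improve]; pick one tag per kind of change and apply it consistently. The phrase "the stud chain" in the DNSLogWithInfo entry is carried over unchanged and still does not read as a meaningful term; reword it while the line is being touched.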
|
15 | | -Thanks to the following users for their contributions: |
16 | | - |
17 | | -- Ar3h (https://github.com/Ar3h) |
18 | | -- 4ra1n (https://github.com/4ra1n) |
19 | | -- unam4 (https://github.com/unam4) |
20 | | - |
21 | | -It is recommended to use 'docker' for one-click startup |
22 | | - |
23 | | -## 1.2.1 |
24 | | - |
25 | | -What's new: |
26 | | - |
27 | | -- [Feature] Added @unam4 for 'Hessian LazyValueWithSleep' chain |
28 | | -- [Feature] Added @匿名 of 'TomcatEcho' echo (can be used when 'Jeg' is not available). |
29 | | -- [Improve] Optimized the description of the preset chain @Ar3h |
30 | | -- [Improve] Optimized the description of 'JNDI' and some descriptions of 'Gadget'@Ar3h |
31 | | - |
32 | | -Thanks to the following users for their contributions: |
33 | | - |
34 | | -- Ar3h (https://github.com/Ar3h) |
35 | | -- unam4 (https://github.com/unam4) |
36 | | -- An anonymous security research master |
37 | | - |
38 | | -Use 'java -jar java-chains.jar' to get started |
39 | | - |
40 | | -It is recommended to use 'docker' for one-click startup |
41 | | - |
42 | | -## 1.2.0 |
43 | | - |
44 | | -What's new: |
45 | | - |
46 | | -- [Important] Added the function of preset chains, which allows you to check @Ar3h with one click for commonly used chains |
47 | | -- [Important] All options and configurations are described in detail, and hints are @Ar3h |
48 | | -- [Function] Support downloading 'payload' as a file function @Ar3h |
49 | | -- [Function] 'OtherPayload' adds a 'JSP' @Ar3h in 'JMG' format |
50 | | -- [Function] 'OtherPayload' adds 'Java' two commands to handle @4ra1n |
51 | | -- [BUG] Fixed the issue that the description of the 'gadget' parameter on the frontend was displayed abnormally @Ar3h |
52 | | -- [BUG] Fixed the problem of invalid @Ar3h generation due to the wrong configuration of the 'payload' parameter in the frontend |
53 | | -- [BUG] FIX THE 'BUG' @Ar3h WHERE THE 'JSP' TEMPLATE CANNOT BE USED PROPERLY |
54 | | -- [BUG] Not importing 'aspectj' dependencies results in some 'gadget' errors @Ar3h |
55 | | -- [Improve] Optimize the priority @Ar3h of some 'gadget' |
56 | | -- [Improve] Added support for displaying the prompt output of 'jmg' @Ar3h |
57 | | -- [Improve] Fixed 'admin' login username and only random login password @4ra1n |
58 | | -- [Improve] Removed the @4ra1n @ssrsec of 'Security Path' function in security |
59 | | -- [Improve] The frontend uses a better black theme @Ar3h by default |
60 | | -- [Improve] Optimized the @Ar3h of the 'run' and 'copy' buttons in the front-end interface |
61 | | - |
62 | | -Thanks to the following users for their contributions: |
63 | | - |
64 | | -- Ar3h (https://github.com/Ar3h) |
65 | | -- 4ra1n (https://github.com/4ra1n) |
66 | | -- 说书人 (https://github.com/ssrsec) |
67 | | - |
68 | | -Use 'java -jar java-chains.jar' to get started |
69 | | - |
70 | | -It is recommended to use 'docker' for one-click startup |
71 | | - |
72 | | -## 1.1.0 |
73 | | - |
74 | | -What's new: |
75 | | - |
76 | | -- [Important] Front-end refactoring and optimization @Ar3h |
77 | | -- [Important] Provide a @Ar3h @4ra1n of 'docker' one-click startup commands |
78 | | -- [Important] Provides a @Ar3h of easy plugin system to load from 'jar' files |
79 | | -- [Important] Added 'h2 without js' @unam4 for all versions of the kill chain |
80 | | -- [Function] Login function based on 'Spring Security' @springkill @4ra1n |
81 | | -- [Feature] Two new @unam4 for 'equals' and 'c3p0 jndi/jdbc' chains |
82 | | -- [Feature] 'hessian' added 'groovy' to leverage chain @Ar3h |
83 | | -- [Function] Bytecode can add 'main' static entry function @Ar3h |
84 | | -- [BUG] The 'favicon.ico' icon is not displayed correctly Issue @xcxmiku |
85 | | -- [Improve] 'Server' probe added 'netty' framework probe @Ar3h |
86 | | -- [Improve] The later version of 'Oralce JDK' can use @4ra1n related to 'BCEL' |
87 | | -- [Improve] Optimized some 'gadget' tooltips @4ra1n of type 'unix' only |
88 | | -- [Improve] Format the output log, append a color @springkill to the log |
89 | | -- [Improve] Detect 'java' version at startup and give a warning @4ra1n |
90 | | -- [Improve] Optimized interceptor logic @ssrsec |
91 | | -- [Optimization] Optimized the 'base64' versatility @ssrsec |
92 | | -- [Documentation] Write a new version using Documentation @ssrsec |
93 | | - |
94 | | -Thanks to the following users for their contributions: |
95 | | - |
96 | | -- Ar3h (https://github.com/Ar3h) |
97 | | -- An anonymous security researcher |
98 | | -- unam4 (https://github.com/unam4) |
99 | | -- 小晨曦 (https://github.com/xcxmiku) |
100 | | -- 4ra1n (https://github.com/4ra1n) |
101 | | -- springkill (https://github.com/springkill) |
102 | | -- 说书人 (https://github.com/ssrsec) |
103 | | - |
104 | | -Use 'java -jar java-chains.jar' to start ('Java 8' environment only) |
105 | | - |
106 | | -It is recommended to use 'docker' to start with one click (please refer to the 'README' page) |
107 | | - |
108 | | -Among them, 'chains-config.zip' is a supplementary plug-in, which can be decompressed and placed in the 'jar' directory |
109 | | - |
110 | | -## 1.0.0 |
111 | | - |
112 | | -Initial release |
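Review bot: The deletion that runs from "Thanks to the following users for their contributions:" down to "## 1.0.0" and "Initial release" removes the entire history for 1.2.1, 1.2.0, 1.1.0 and 1.0.0, not only the reworded entries of the current release. That drops the start-up notes ('java -jar java-chains.jar', the 'Java 8' environment only restriction, the placement of 'chains-config.zip') and the contributor lists, including the credit for ssrsec, xcxmiku, springkill and the anonymous researcher, none of whom is @-mentioned in the section that remains. If this file is meant to carry only the current release's notes, state that in the commit message and move the older sections to a separate changelog file; otherwise restore them.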