Releases: cckuailong/JNDI-Injection-Exploit-Plus
Releases · cckuailong/JNDI-Injection-Exploit-Plus
JNDI-Injection-Exploit-Plus-2.5
add chain scala1
JNDI-Injection-Exploit-Plus-2.4
- Add DirtyWrap: Insert a lot of dirty data to bypass WAF
- optimize UTF-Fusion Function
JNDI-Injection-Exploit-Plus-2.3
- New Function: new flag "-F" to fusion the class name in the bytes to bypass WAF.
- Remove sensitive info to bypass WAF.
JNDI-Injection-Exploit-Plus-2.2
- fix bug which give empty output when use Deserialize Gadget
- add Jackson Gadget to exploit nacos jraft rce
JNDI-Injection-Exploit-Plus-2.1
Update README.md
JNDI-Injection-Exploit-Plus-2.0
Add Some Weblogic Gadgets
JNDI-Injection-Exploit-Plus-1.9
add weblogic5: CVE-2020-14645
JNDI-Injection-Exploit-Plus-1.8
add apereo wrapper
JNDI-Injection-Exploit-Plus-1.7
- optimize CommonDeseial
- add wrapper Function
- add Xstream wrapper
- fix bin output bug
- add new type Output -- hex
- add Web to return Deserial Data
JNDI-Injection-Exploit-Plus-1.6
- add 3 new coherence gadgets
- fix coherence1's bug