java memshell generator

English | Chinese

Java Memshell Generator

A highly customizable Java memory horse generation tool

Warning

This tool is for security research and learning purposes only. Users are responsible for all legal and related responsibilities arising from the use of this tool. Please ensure that your actions comply with local laws and regulations. The author assumes no responsibility. If you do not accept this, please do not use this tool.

Function

compile

maven (v3.9.3)

 mvn package assembly:single

use

Graphical

 java -jar ./releases/jmg-gui-1.0.8.jar

command line

 java -jar ./releases/jmg-cli-1.0.8.jar

Woodpecker plugin

Add jmg-woodpecker-1.0.8.jar to the woodpecker plug-in directory

Third-party library (Maven)

1. Install jmg-sdk-1.0.8.jar to the local maven repository

 mvn install:install-file -Dfile=./releases/jmg-sdk-1.0.8.jar -DgroupId=jmg -DartifactId=jmg-sdk -Dversion=1.0.8 -Dpackaging=jar

2. Add as dependency

 <dependency>
<groupId>jmg</groupId>
<artifactId>jmg-sdk</artifactId>
<version>1.0.8</version>
</dependency>

3.Example

// 基础配置
AbstractConfig config = new AbstractConfig() {{
    // 设置工具类型
    setToolType(Constants.TOOL_GODZILLA);
    // 设置中间件 or 框架
    setServerType(Constants.SERVER_TOMCAT);
    // 设置内存马类型
    setShellType(Constants.SHELL_LISTENER);
    // 设置输出格式为 BASE64
    setOutputFormat(Constants.FORMAT_BASE64);
    // 设置漏洞利用封装，默认不启用
    setGadgetType(Constants.GADGET_NONE);
    // 初始化基础配置
    build();
}};

jMGenerator generator = new jMGenerator(config);
generator.genPayload();
generator.printPayload();

// 连接信息
SDKResultUtil.printBasicInfo(config);
SDKResultUtil.printDebugInfo(config);

document

• jMG v1.0.8

• jMG v1.0.6

• jMG v1.0.5

• jMG v1.0.4

Acknowledgments

• https://github.com/c0ny1

• https://github.com/whwlsfb

• https://github.com/feihong-cs/memShell

• https://github.com/su18/MemoryShell

• https://github.com/BeichenDream/GodzillaMemoryShellProject

protocol

• MIT