最新版4.5.6版本检测shiro框架bug #38

wwsuixin · 2022-09-28T07:36:44Z

第一次检测目标请求包如下，可正常识别框架：

GET /salary/login HTTP/1.1
Cookie: rememberMe=yes
Accept: text/html,application/json,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Hutool
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Host: xxxx.cn
Connection: close

第二次检测目标请求包如下，无法识别出框架：

GET /salary/login HTTP/1.1
Cookie: rememberMe=yes
Accept: text/html,application/json,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Hutool
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: BIGipServerj98Jz77D1botFNwi19B7uQ=!PDqHcpQNxeQIvO/ZCZ9QxSHa8ugO20c5xec/V4fjR2zJKhjd49+Ftq36DuwH7pYKAx0/18QR7AaGzrQ=
Cookie: shiroCookie=0069220b-14c6-48e8-b497-1ae5fb8084d3
Host: xxx.cn
Connection: close

分析得出程序构造请求包时未将两个cookie合并到一起，导致第一个关键cookie值被覆盖，服务器无法接收到rememberMe=yes,望修复

The text was updated successfully, but these errors were encountered:

SummerSec · 2022-09-28T08:50:28Z

啥意思？第二次检测目标？

wwsuixin · 2022-09-28T13:39:23Z

第一次点击【检测当前密钥】能识别出目标框架时shiro，然后再次点击就识别不出来了，分析两次的数据包发现，第二次点击的时候请求头有3个cookie值，而服务器没有获取到第一个“Cookie: rememberMe=yes”，导致返回的响应包中不包含 rememberMe字段了，希望程序发送请求的时候能够处理一下这个cookie值的参数，使3个cookie合并到一个当中

Baikeryoyo mentioned this issue Dec 28, 2022

检测利用链失败 #30

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

最新版4.5.6版本检测shiro框架bug #38

最新版4.5.6版本检测shiro框架bug #38

wwsuixin commented Sep 28, 2022

SummerSec commented Sep 28, 2022

wwsuixin commented Sep 28, 2022 •

edited

最新版4.5.6版本检测shiro框架bug #38

最新版4.5.6版本检测shiro框架bug #38

Comments

wwsuixin commented Sep 28, 2022

SummerSec commented Sep 28, 2022

wwsuixin commented Sep 28, 2022 • edited

wwsuixin commented Sep 28, 2022 •

edited