File tree Expand file tree Collapse file tree 2 files changed +64
-0
lines changed
Expand file tree Collapse file tree 2 files changed +64
-0
lines changed Original file line number Diff line number Diff line change 1+ ## 1.4.2
2+
3+ #### 🚀 New Features
4+
5+ - ** New Echo Modules** : Added multiple Echo chains/gadgets. Contributed by @ReaJason .
6+ - ** High JDK Support** : Added support for multiple gadgets compatible with JDK 17+ (identified by ` HighJDK ` or
7+ ` HighVersion ` suffix). Contributed by @n1ght (https://www.n1ght.cn/ ).
8+ - ** Embedded JDK** : Support for bundled JDK in the release, allowing out-of-the-box usage.
9+ - ** Payload Generation** :
10+ - Added FakeMySQLPipeFile generation. Contributed by @unam4 .
11+ - Added JSF encrypted Payload generation. Contributed by @B0T1eR .
12+ - Added FileUpload1 gadget. Contributed by @B0T1eR .
13+ - Added Hutool MapProxy secondary deserialization gadget. Contributed by @unam4 .
14+ - ** Environment Detection** : Added detection for ` javax_servlet ` and ` jakarta_servlet ` . Contributed by @B0T1eR .
15+
16+ #### 🛠 Improvements
17+
18+ - ** JRMPListener Optimization** : Improved JRMPListener to prevent leaking local library information. Contributed by
19+ @unam4 .
20+ - ** Dependency Clarification** : Clearly distinguished between ` MchangeC3p0Reference ` (com.mchange: c3p0 ) and
21+ ` C3p0_C3p0Reference ` (c3p0: c3p0 ).
22+ - ** UI Update** : Optimized the frontend login user interface.
23+
24+ #### 🐛 Bug Fixes
25+
26+ - Fixed an issue causing port conflicts.
27+ - Fixed an issue triggering the Security Manager on Windows environments.
28+
29+ #### ❤️ Acknowledgments
30+
31+ Special thanks to the following users for reporting bugs and helping improve the project:
32+ @Catherines77 @1diot9 @yuxianzi @Skay @jlkl @Ckmount
33+
134## 1.4.1
235
336** Added**
Original file line number Diff line number Diff line change 1+ ## 1.4.2
2+
3+ #### 🚀 新增功能
4+
5+ - ** 新增 Echo 回显支持** :集成了多种新的 Echo 利用方式 @ReaJason
6+ - ** 高版本 JDK 支持** :新增多个支持 JDK 17+ 的利用链(Gadget 名称后缀带有 ` HighJDK ` 或 ` HighVersion ` )
7+ @n1ght (https://www.n1ght.cn/ )
8+ - ** 内嵌 JDK 支持** :支持发布包内嵌 JDK 环境,开箱即用。
9+ - ** Payload 生成扩展** :
10+ - 新增 FakeMySQLPipeFile 生成功能 @unam4
11+ - 新增 JSF 加密 Payload 生成功能 @B0T1eR
12+ - 新增 FileUpload1 上传利用链 @B0T1eR
13+ - 新增 Hutool MapProxy 二次反序列化利用 @unam4
14+ - ** 环境探测** :新增 ` javax_servlet ` 与 ` jakarta_servlet ` 环境探测功能 @B0T1eR
15+
16+ #### 🛠 优化改进
17+
18+ - ** JRMPListener 增强** :优化了 JRMP 监听器,防止泄漏本地 Lib 库信息,提高安全性 @unam4
19+ - ** 依赖区分** :明确区分了 ` MchangeC3p0Reference ` (com.mchange: c3p0 ) 与 ` C3p0_C3p0Reference ` (c3p0: c3p0 ) 两种依赖,避免混淆。
20+ - ** UI 体验** :优化了前端登录界面的 UI 设计。
21+
22+ #### 🐛 问题修复
23+
24+ - 修复了端口冲突导致服务无法启动的问题。
25+ - 修复了在 Windows 环境下触发 Security Manager(安全管理器)异常的问题。
26+
27+ #### ❤️ 致谢
28+
29+ 感谢以下用户反馈 Bug 并帮助改进项目:
30+ @Catherines77 @1diot9 @yuxianzi @Skay @jlkl @Ckmount
31+
132## 1.4.1
233
334** Added**
You can’t perform that action at this time.
0 commit comments