java.lang.Runtime.exec() Payload Workarounds

Occasionally, command execution payloads passed to Runtime.getRuntime().exec() fail. This can happen when using web shells, deserialization exploits, or other vectors.

Sometimes this is because redirection and pipe characters are used in a way that doesn't make sense in the context of the process that's being launched. For example, executing ls > dir_listing in a shell should output a listing of the current directory into a file called dir_listing. But in the context of the exec() function, that command would instead be interpreted to fetch the listings of the > and dir_listing directories.

Other times, arguments with spaces within them are broken by the StringTokenizer class, which splits command strings by spaces. Something like ls "My Directory" would then be interpreted as ls '"My' 'Directory"'.
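The two cases above, reproduced as an added example (not code from the original page): it tokenizes both commands the way the single-string exec() is documented to, then builds the same directory listing with an explicit argument list and a JVM-side redirect, which is the form application code should use. The class and method names (ExecTokenizationDemo, tokenizeLikeExec, listInto) are hypothetical, and a Unix-like host with ls on the PATH is assumed.

```java
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.StringTokenizer;

public class ExecTokenizationDemo {

    // Runtime.exec(String) is documented to split its argument with
    // new StringTokenizer(command): whitespace only, no quoting rules and
    // no shell, so ">" and quote characters are ordinary argument characters.
    static List<String> tokenizeLikeExec(String command) {
        List<String> argv = new ArrayList<>();
        StringTokenizer st = new StringTokenizer(command);
        while (st.hasMoreTokens()) {
            argv.add(st.nextToken());
        }
        return argv;
    }

    // What a developer who wants "ls > dir_listing" should write instead:
    // each argument is its own list element and the JVM performs the
    // redirect, so no string is ever parsed by a shell.
    static ProcessBuilder listInto(File out, String... dirs) {
        List<String> argv = new ArrayList<>(Arrays.asList("ls", "--"));
        argv.addAll(Arrays.asList(dirs));
        return new ProcessBuilder(argv)
                .redirectOutput(out)
                .redirectErrorStream(true);
    }

    public static void main(String[] args) throws IOException, InterruptedException {
        // The page's two commands, tokenized the way exec(String) would.
        System.out.println(tokenizeLikeExec("ls > dir_listing"));
        System.out.println(tokenizeLikeExec("ls \"My Directory\""));

        // Constructed sample: a temp file stands in for dir_listing.
        File out = File.createTempFile("dir_listing", ".txt");
        ProcessBuilder pb = listInto(out, "My Directory");
        System.out.println(pb.command());
        System.out.println("exit=" + pb.start().waitFor() + " output=" + out);
    }
}
```

Because the argument list never passes through a shell, a directory name containing spaces or metacharacters reaches ls as a single literal argument.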

With the help of Base64 encoding, the converter below can help reduce these issues. It can make pipes and redirects great again through calls to Bash or PowerShell and it also ensures that there aren't spaces within arguments.
