FastJson最新反序列化漏洞分析

PGgyIGlkPSJ0b2MtMCI+5ryP5rSe5Y2x5a6z77ya5Lil6YeNPC9oMj48bGk+RmFzdEpzb27mnIDmlrDniIblh7rnmoTnu5Xov4fmlrnms5Xlj6/ku6XpgJrmnYAxLjIuNDjniYjmnKzku6XkuIvmiYDmnInvvIzmnInkvKDoqIDlnKhhdXRvdHlwZeW8gOWQr+eahOaDheWGteS4i+WPr+S7peaJk+WIsDEuMi41N+OAgjxici8+IyMg6Kej5Yaz5pa55qGI77yaPC9saT48bGk+RmFzdEpzb27ljYfnuqfliLDmnIDmlrAxLjIuNTjniYjmnKzvvJs8L2xpPjxsaT7ph4fnlKjpu5jorqTnmoTlhbPpl61hdXRvdHlwZTxici8+IyMg5ryP5rSe6K+m5oOF77yaPGJyLz5mYXN0anNvbuaYr2FsaWJhYmHlvIDmupDnmoTkuIDmrL7pq5jmgKfog73lip/og73lrozlloTnmoRKU09O5bqT77yM5ZyoMjAxN+W5tDTmnIgxOOaXpeeahOaXtuWAmeWumOaWueiHquW3seeIhuWHuuS6huS4gOS4quWuieWFqOa8j+a0nu+8jDxhIGhyZWY9Imh0dHBzOi8vZ2l0aHViLmNvbS9hbGliYWJhL2Zhc3Rqc29uL3dpa2kvc2VjdXJpdHlfdXBkYXRlXzIwMTcwMzE177yM5b2x5ZON6IyD5Zu0IiB0YXJnZXQ9Il9ibGFuayI+aHR0cHM6Ly9naXRodWIuY29tL2FsaWJhYmEvZmFzdGpzb24vd2lraS9zZWN1cml0eV91cGRhdGVfMjAxNzAzMTXvvIzlvbHlk43ojIPlm7Q8L2E+IDEuMi4yNOS7peWPiuS5i+WJjeeJiOacrOOAgumaj+edgOmAkOatpeS/ruWkje+8jDEuMi40Mi00NeS5i+mXtOmDveWHuueOsOi/h+e7lei/h+OAguiAjOacgOi/keeIhuWHuueahOabtOaYr+mAmuadgOm7mOiupOmFjee9rjEuMi40OOeJiOacrOS7peS4i+OAguS4i+i+ueaYr+a8j+a0nuWIhuaekOOAgjwvbGk+PHA+cGF5bG9hZO+8mjwvcD48cD48aW1nIHNyYz0iaHR0cHM6Ly9iYnMuemthcS5jbi91cGxvYWQvdXNlcmZpbGUvMTkzMi9lZWEyMDY3Mzc2ZWEyZmQ2N2E3Zjg2ZDU5OTRmMDkxNC5wbmciLz48L3A+PHA+6L+Z5qyh57uV6L+H55qE5aSn5L2T5oCd6Lev5piv6YCa6L+HamF2YS5sYW5nLkNsYXNz77yM5bCGSmRiY1Jvd1NldEltcGznsbvliqDovb3liLBtYXDnvJPlrZjvvIzku47ogIznu5Xov4dhdXRvdHlwZeeahOajgOa1i+OAguWboOatpOWwhnBheWxvYWTliIbkuKTmrKHlj5HpgIHvvIznrKzkuIDmrKHliqDovb3vvIznrKzkuozmrKHmiafooYzjgILpu5jorqTmg4XlhrXkuIvvvIzlj6ropoHpgYfliLDmsqHmnInliqDovb3liLDnvJPlrZjnmoTnsbvvvIxjaGVja2F1dG90eXBl5bCx5Lya5oqb5Ye65byC5bi45bm25Lit5q2i44CCPC9wPjxwPuWFpeWPo+WcqHBhcnNl5pa55rOV77yM5Y2V5q2l6L+b5Y67PC9wPjxwPjxici8+PC9wPjxwPjxpbWcgc3JjPSJodHRwczovL2Jicy56a2FxLmNuL3VwbG9hZC91c2VyZmlsZS8xOTMyLzBiY2VlMDJhYWYwMjJiNmY4MmE3NjcyNDI3MWYyOTQ0LnBuZyIvPjwvcD48cD7kuIDmraXmraXot5/liLBEZWZhdWx0SlNPTlBhcnNlci5qYXZh5Lit5pyJ5LiA5q616LCD55SoY2hlY2thdXRvdHlwZe+8jOS5n+WwseaYr+ajgOa1i+eahOaguOW/g+mAu+i+keOAgui3n+i/m+ivpeaWueazlTwvcD48cHJlPmNsYXp6Jm5ic3A7PSZuYnNwO3RoaXMuY29uZmlnLmNoZWNrQXV0b1R5cGUodHlwZU5hbWUsJm5ic3A7KENsYXNzKW51bGwsJm5ic3A7bGV4ZXIuZ2V0RmVhdHVyZXMoKSk8L3ByZT48cD7lnKjlvIDlkK/nmoTmg4XlhrXkuIvvvIxjaGVja2F1dG90eXBl5pa55rOV57G75Ly86buR5ZCN5Y2V77yM5Lya6L+b5YWl5LiL5Zu+6YC76L6R77yM6YCa6L+H5bCG57G75ZCNaGFzaOWQjuWSjGRlbnlIYXNoQ29kZXPov5vooYzlr7nmr5TjgILnm67liY3mnInkurpmdXp65Ye65LqG6YOo5YiG6buR5ZCN5Y2V5Lit55qE57G777yaPGEgaHJlZj0iaHR0cHM6Ly9naXRodWIuY29tL0xlYWRyb3lhTC9mYXN0anNvbi1ibGFja2xpc3TjgIIiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL2dpdGh1Yi5jb20vTGVhZHJveWFML2Zhc3Rqc29uLWJsYWNrbGlzdOOAgjwvYT48YnIvPuW8gOWQr+eahOaDheWGteS4i++8jOW9k+m7keWQjeWNleajgOa1i+WRveS4reaXtu+8jOagueaNruS7o+eggemAu+i+ke+8jOS8muWFiOmAmui/h2xvYWRDbGFzc+aWueazleWKoOi9veivpeexu+W5tui/lOWbnu+8jOWboOatpOWwsee7lei/h+S6huajgOa1i+OAgjwvcD48cD48YnIvPjwvcD48cD48aW1nIHNyYz0iaHR0cHM6Ly9iYnMuemthcS5jbi91cGxvYWQvdXNlcmZpbGUvMTkzMi8xNzYzODdkOTEzMTllYmY0ZDYzMTYxMmVjNzkxYjA0ZC5wbmciLz48L3A+PHA+5ZyoYXV0b3R5cGXlhbPpl63nmoTmg4XlhrXkuIvvvIxjaGVja2F1dG90eXBl5pa55rOV57G75Ly855m95ZCN5Y2V77yM5Li76KaB5qOA5rWL57G75piv5ZCm5Zyo55m95ZCN5Y2V5Lit77yM5Lmf5bCx5piv5piv5ZCm6KKr5Yqg6L2944CC6YCa6L+HZ2V0Q2xhc3NGcm9tTWFwcGluZ+WwneivleWcqOe8k+WtmOWKoOi9veivpeexu+OAguWmguaenOS4jeWtmOWcqO+8jOS4i+i+uei/mOS8mumAmui/h2Rlc2VyaWFsaXplcnPmnaXmib7vvIzlpoLmnpzpg73msqHmnInvvIzkuIvovrnlsLHkvJrmipvlvILluLjjgII8L3A+PHA+PGltZyBzcmM9Imh0dHBzOi8vYmJzLnprYXEuY24vdXBsb2FkL3VzZXJmaWxlLzE5MzIvNjVmNjVlY2ZiNDRjNjJhY2M4ZWU3NmRkMjUwNDg5NDUucG5nIi8+PGJyLz48L3A+PHA+5b2T5Y+R6YCB56ys5LiA5qyh6K+35rGC5pe277yMQ2xhc3PmmK/pgJrov4dkZXNlcmlhbGl6ZXJzLmZpbmRDbGFzc+WKoOi9veeahO+8jOeEtuWQjkNsYXNz5bCGSmRiY1Jvd1NldEltcGznsbvliqDovb3ov5ttYXDkuK3vvIznhLblkI7nrKzkuozmrKHor7fmsYLml7bvvIzlsLHov5nph4zlsLHmiJDlip/mib7liLDkuoZKZGJjUm93U2V0SW1wbOexu++8jOS7juiAjOe7lei/h+ajgOa1i+OAgjwvcD48cD48aW1nIHNyYz0iaHR0cHM6Ly9iYnMuemthcS5jbi91cGxvYWQvdXNlcmZpbGUvMTkzMi85YzMwNmIyNTgyMWU0MzkzZDQ4YTlkMjY4OGQ5MGI4Yy5wbmciLz48L3A+PHA+5Yqg6L29SmRiY1Jvd1NldEltcGzlkI7vvIzlsLHlkozkuYvliY3nmoRwYXlsb2Fk5LiA5qC35LqG77yM6YCa6L+HSmRiY1Jvd1NldEltcGzkuK3nmoTosIPnlKjpk77vvIzpgJrov4dqbmRp55qEbG9va3Vw5Yqg6L296L+c56iL57G744CCPC9wPjxwPuiwg+eUqOagiOWmguS4i+WbvjwvcD48cD48YnIvPjwvcD48cD48aW1nIHNyYz0iaHR0cHM6Ly9iYnMuemthcS5jbi91cGxvYWQvdXNlcmZpbGUvMTkzMi9hN2JkNDc3MjQ1NDQ3YmQyMjU2MGQ4ZGY5YTZkMTYyMy5wbmciLz48L3A+PHA+SmF2YUJlYW5EZXNlcmlhbGl6ZXIuZGVzZXJpYWx6ZSAtPiBGaWVsZERlc2VyaWFsaXplci5zZXRWYWx1ZSAtPiAK6YCa6L+H5Y+N5bCE6LCD55Soc2V0QXV0b0NvbW1pdOaWueazlee7meWxnuaAp+i1i+WAvCAtPiBKTkRJIApjb25uZWN077yMY29ubmVjdOmHjOiwg+eUqEluaXRpYWxDb250ZXh055qEbG9va3Vw5pa55rOV77yM5qC55o2u5YmN6Z2icGF5bG9hZOmHjOiuvue9rueahERhdGFTb3VyY2VOYW1l5om+5Yiw77yM54S25ZCO6K+35rGC5oiR5Lus55qEam5kaQogc2VydmVy5LiL6L296L+c56iL57G75bm25omn6KGM5p6E6YCg5Ye95pWw77yM5LuO6ICM6YCg5oiQcmNl44CC5b2T54S25ZyoOHUxOTHkuYvkuIrvvIzpnIDopoHnu5PlkIh0b21jYXQgCmVs5oiW6ICFbGRhcOadpee7lei/h+OAgjh1MTkx5LmL5LiL5Y+v5Lul6YCa6L+HbGRhcCAKcmVmZXJlbmNl5p2l57uV6L+H5a+5cm1p5LuO6L+c56iL55qEQ29kZWJhc2XliqDovb1SZWZlcmVuY2Xlt6XljoLnsbvnmoTpmZDliLbjgII8YnIvPkpOREnms6jlhaXpq5jniYjmnKznu5Xov4flj4LogIPvvJo8YSBocmVmPSJodHRwczovL2tpbmd4Lm1lL1Jlc3RyaWN0aW9ucy1hbmQtQnlwYXNzLW9mLUpOREktTWFuaXB1bGF0aW9ucy1SQ0UuaHRtbCIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8va2luZ3gubWUvUmVzdHJpY3Rpb25zLWFuZC1CeXBhc3Mtb2YtSk5ESS1NYW5pcHVsYXRpb25zLVJDRS5odG1sPC9hPjwvcD48cD48aW1nIHNyYz0iaHR0cHM6Ly9iYnMuemthcS5jbi91cGxvYWQvdXNlcmZpbGUvMTkzMi9jMmIwMGEyNWEzNDM4Mzg0NjI4ZDdjYjVkOTg1NDVjYy5wbmciLz48L3A+PHA+NDjkuK3nmoTkv67lpI3mjqrmlr3mmK/vvIzlnKhsb2FkQ2xhc3Pml7bvvIzlsIbnvJPlrZjlvIDlhbPpu5jorqTnva7kuLpmYWxzZe+8jOaJgOS7pem7mOiupOaYr+S4jeiDvemAmui/h0NsYXNz5Yqg6L296L+b57yT5a2Y55qE44CC5ZCM5pe25bCGQ2xhc3PnsbvliqDlhaXliLDkuobpu5HlkI3ljZXkuK3jgII8L3A+PHA+PGltZyBzcmM9Imh0dHBzOi8vYmJzLnprYXEuY24vdXBsb2FkL3VzZXJmaWxlLzE5MzIvM2Q3NDBjMWIwZjZhOTZmMGZiYTI4ZTgwZGJhZDQ0NDcucG5nIi8+PC9wPjxwPuacgOWQjumZhOS4impuZGkgc2VydmVyPC9wPjxwPjxpbWcgc3JjPSJodHRwczovL2Jicy56a2FxLmNuL3VwbG9hZC91c2VyZmlsZS8xOTMyLzY3MzMzOWI2ODA2YzEyOWI4NDhlYzhkOGRhMzcwMzg0LnBuZyIvPjwvcD48cD48YnIvPjwvcD48cD7ovazoh6rlhYjnn6XnpL7ljLo8YnIvPjwvcD4=