ysoserial
ysoserial copied to clipboard
frohoff
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
It may be useful to allow for overriding dependency versions used during payload generation to work around `serialVersionUID` changes in gadget classes that have an otherwise-negligible effect.
It would be useful to have a test scaffolding (within the project or in a separate project) that can test gadget chains against **multiple versions of each dependency**, ideally including...
There is no image named, openjdk:8-alpine hosted in Docker, I just replace java for openjdk and it works Error Step 11/14: FROM java:8-jdk-alpine manifest for java: 8-jdk-alpine not found: unknown...
Thank you for such an excellent open source project, I have some confusion about the code implementation of URLDNS, A custom URLStreamHandler was used here to block DNS resolution: https://github.com/frohoff/ysoserial/blob/2874a69f6127fd3b3f078461741910423a6b1376/src/main/java/ysoserial/payloads/URLDNS.java#L56...
fix following error ``` ERROR: failed to solve: java:8-jdk-alpine: docker.io/library/java:8-jdk-alpine: not found ```
Fixed the two mentioned files so that the Docker image now works again.
lazymap of common collection1 after proxy is not empty, it's size is 3. i want to know the reason.
hello. thanks for great project. I need help very urgently. I found a request for cve-2017-9805 where the base64 encoded field puts the server to sleep for like 10 seconds....
I didn't find this in google,what should i do next. 
