Comments (3)
Another useful CLI parameter could be the encoding of the serialized exploit.
Based on the real-world scenarios I saw, useful encodings could be:
- Raw
- Base64
- ASCII HEX
Thank you for your great job!
from ysoserial.
Some ideas:
- Annotate "bindable" classes and fields/properties
- Bind command line parameters into object structure using dotted property notation (a la web frameworks)
- Use annotation parameter to limit choices if necessary (limit to specific payload classes, serialization formats, etc.)
- Bound implementation choices instantiate specified class and inject sub-parameters as appropriate
Example:

```java
@Bind public class SomeExploit {
    @Bind private Payload payload;
    @Bind private URL url;
    ...
}

@Bind class SomeExecPayload {
    @Bind private String cmd;
    ...
}

@Bind class SomeFileWritePayload {
    @Bind private String path;
    @Bind private String contents;
    ...
}

@Bind class SomeBypass {
    @Bind private Payload inner;
    ...
}
```
```console
$ java ... SomeExploit
Usage:
  -payload [CHOICE]
    * SomeExecPayload
    * SomeFileWritePayload
    * SomeBypass
  -url [URL]

$ java ... SomeExploit -payload SomeExecPayload
  -url [URL]
  -payload.cmd [String]

$ java ... SomeExploit -url http://someurl -payload SomeExecPayload -payload.cmd "somecommand"
[Successfully executed]

$ java ... SomeExploit -url http://someurl -payload SomeBypass
Usage:
  -payload.inner [CHOICE]
    * SomeExecPayload
    * SomeFileWritePayload
    * SomeBypass

$ java ... SomeExploit -url http://someurl -payload SomeBypass -payload.inner SomeFileWritePayload
Usage:
  -payload.inner.path [String]
  -payload.inner.contents [String]

$ java ... SomeExploit -url http://someurl -payload SomeBypass -payload.inner SomeFileWritePayload -payload.inner.path "app/webshell.jsp" -payload.inner.contents "<html>webshell-here</html>"
[Successfully executed]
```
Might be able to abbreviate option names where it wouldn't introduce ambiguity as well. For example, `-payload.inner` could be specified as `-p.i`, `-inner`, or just `-i`. Similar unambiguous abbreviation might be able to be performed with fixed-choice values.

```console
$ java ... SomeExploit -u http://someurl -p SomeBypass -i SomeFileWritePayload -path "app/webshell.jsp" -contents "<html>webshell-here</html>"
[Successfully executed]
```
Something like this seems like it would accommodate pretty much anything in the future, but I'm concerned that it may be too complex or confusing.
from ysoserial.
I think the approach is very flexible and should allow future gadgets with special needs.
The only thing I would add is that gadgets should also define what output formats they support, so they can be generated in different formats such as JavaSer (default and mandatory), XStream, Kryo, etc.
from ysoserial.