pwntester / jdeserialize
Automatically exported from code.google.com/p/jdeserialize
Downloaded version 1.1 and ran "java -Xmx1280M -jar jdeserialize.jar myfile"
where myfile was a large serialized object file (21MB). Output successfully
contained what looked like ~200x200 array of integers and then crashed with the
following exception. I know there is a lot more data in this object than this
2D array. Perhaps a null array has caused the thing to crash.
Exception in thread "main" java.lang.NullPointerException
at org.unsynchronized.arraycoll.toString(arraycoll.java:45)
at org.unsynchronized.arrayobj.toString(arrayobj.java:30)
at org.unsynchronized.jdeserialize.run(jdeserialize.java:843)
at org.unsynchronized.jdeserialize.main(jdeserialize.java:1186)
Original issue reported on code.google.com by [email protected]
on 6 Apr 2012 at 3:36
"o" can be a null - no need to call o.toString() here anyway
Should also fix http://code.google.com/p/jdeserialize/issues/detail?id=1
Original issue reported on code.google.com by sormuras
on 31 Oct 2012 at 12:26
Attachments:
First of all thanks a lot for this tool, it has been very useful to me for
analyzing serialized data from memory dumps.
I was attempting to use it in conjunction with the Eclipse Memory Analyzer but
it seems that this tool has a strange way of saving serialized byte arrays to a
binary file. For some reason there is an extra byte before the serialized
data.
I managed to get around it by using "dd" to remove the first byte but I thought
it would be great if there was a command line option to directly skip a few
bytes at the beginning of the file, so I patched jdeserialize for this and I'm
submitting the following patch to you. I hope it's acceptable. Let me know if
you need anything else.
I'll also be submitting a bug fix because I had an NPE with a file I was
analyzing; I will create a separate ticket for this.
Best regards,
Serge Huber.
Original issue reported on code.google.com by [email protected]
on 15 Jul 2013 at 8:02
Attachments:
What steps will reproduce the problem?
>java -jar jdeserialize-1.2.jar -noclasses -noconnect -nocontent -noinstance
-debug 767da49f-909c-4cc3-81ae-94be141ce62b.ser
cause an exception
EOF error while attempting to decode file
767da49f-909c-4cc3-81ae94be141ce62b.ser: hit externalizable with nonzero
SC_BLOCK_DATA; can't interpret data
java.io.EOFException: hit externalizable with nonzero SC_BLOCK_DATA; can't
interpret data
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:196)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_arrayValues(jdeserialize.java:642)
at org.unsynchronized.jdeserialize.read_newArray(jdeserialize.java:629)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:764)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.run(jdeserialize.java:842)
at org.unsynchronized.jdeserialize.main(jdeserialize.java:1186)
Original issue reported on code.google.com by [email protected]
on 5 Sep 2013 at 11:03
Attachments:
I'm trying to analyze serialized payload of malware exploiting CVE-2010-0094,
but get error "error while attempting to decode file: array type listed, but
typecode is not TC_ARRAY: 0x70"
What steps will reproduce the problem?
1. Please find payload vmain.z.ser attached
2. java -jar ./jdeserialize-1.2.jar vmain.z.ser
What is the expected output? What do you see instead?
Expected output -- content, declarations, instance dump.
I receive
error while attempting to decode file vmain.z.ser: array type listed, but
typecode is not TC_ARRAY: 0x70
java.io.IOException: array type listed, but typecode is not TC_ARRAY: 0x70
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:228)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.run(jdeserialize.java:842)
at org.unsynchronized.jdeserialize.main(jdeserialize.java:1186)
What version of the product are you using? On what operating system?
I'm using jdeserialize 1.2 on Fedora 16 i686 with
$ java -version
java version "1.6.0_30"
Java(TM) SE Runtime Environment (build 1.6.0_30-b12)
Java HotSpot(TM) Server VM (build 20.5-b03, mixed mode)
Additional information
Payload in malware is deserialized fine, stream seems correct.
Original issue reported on code.google.com by [email protected]
on 16 Nov 2012 at 3:51
Attachments:
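Two of the reports above come down to the same stream-level facts: the dump tool prepends data before the real stream (the "skip a few bytes" patch), and a field declared as an array may legitimately carry typecode 0x70, which is TC_NULL (a null array), rather than TC_ARRAY. The following helper is added here as an illustration and is not part of jdeserialize; the sample dump bytes are constructed, and the typecode values are those defined in the Java Object Serialization Stream Protocol.

```python
# Added example (not jdeserialize code): locate the real start of a Java
# serialization stream inside a dump and name the first typecode after it.
from typing import Optional

STREAM_MAGIC = b"\xac\xed"      # STREAM_MAGIC
STREAM_VERSION = b"\x00\x05"    # STREAM_VERSION 5

# Typecodes from the Java Object Serialization Stream Protocol.
TYPECODES = {
    0x70: "TC_NULL", 0x71: "TC_REFERENCE", 0x72: "TC_CLASSDESC",
    0x73: "TC_OBJECT", 0x74: "TC_STRING", 0x75: "TC_ARRAY",
    0x76: "TC_CLASS", 0x77: "TC_BLOCKDATA", 0x78: "TC_ENDBLOCKDATA",
    0x79: "TC_RESET", 0x7a: "TC_BLOCKDATALONG", 0x7b: "TC_EXCEPTION",
    0x7c: "TC_LONGSTRING", 0x7d: "TC_PROXYCLASSDESC", 0x7e: "TC_ENUM",
}


def find_stream_start(data: bytes) -> int:
    """Offset of STREAM_MAGIC+STREAM_VERSION in data, or -1 if absent.
    The offset is exactly the number of leading bytes to skip."""
    return data.find(STREAM_MAGIC + STREAM_VERSION)


def probe_stream(data: bytes) -> Optional[dict]:
    """Report how many bytes precede the stream and what the first
    content typecode is, so a dump can be trimmed before parsing."""
    off = find_stream_start(data)
    if off < 0 or len(data) < off + 5:
        return None
    tc = data[off + 4]
    return {"skip": off, "first_typecode": TYPECODES.get(tc, "unknown 0x%02x" % tc)}


def array_field_value_ok(tc: int) -> bool:
    """A field whose descriptor says '[' (array) may be followed by a new
    array, a back-reference to an earlier one, or a null reference.
    A parser that accepts only TC_ARRAY rejects valid streams."""
    return tc in (0x75, 0x70, 0x71)   # TC_ARRAY, TC_NULL, TC_REFERENCE


if __name__ == "__main__":
    # Constructed dump: one leading length byte, then a stream whose first
    # content item is a TC_OBJECT followed by a TC_CLASSDESC.
    sample = bytes([0x10]) + b"\xac\xed\x00\x05\x73\x72"
    print(probe_stream(sample))            # {'skip': 1, 'first_typecode': 'TC_OBJECT'}
    print(array_field_value_ok(0x70))      # True: null array is valid
```

The `skip` value is what a `dd bs=1 skip=N` or a command-line skip option would need for the dump described in the patch report.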
error while attempting to decode file file.bin: got a blockdata TC_*, but not
allowed here: 0x77
java.io.IOException: got a blockdata TC_*, but not allowed here: 0x77
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:782)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_classAnnotation(jdeserialize.java:295)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:189)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_classAnnotation(jdeserialize.java:295)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:189)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.read_FieldValue(jdeserialize.java:230)
at org.unsynchronized.jdeserialize.read_Classdata(jdeserialize.java:181)
at org.unsynchronized.jdeserialize.read_newObject(jdeserialize.java:729)
at org.unsynchronized.jdeserialize.read_Content(jdeserialize.java:760)
at org.unsynchronized.jdeserialize.run(jdeserialize.java:842)
at org.unsynchronized.jdeserialize.main(jdeserialize.java:1186)
Original issue reported on code.google.com by [email protected]
on 23 Jan 2013 at 3:36
This code fails when "c" is null:
    for(content c: inst.annotations.get(cd)) {
        sb.append(" ").append(c.toString()).append(linesep);
    }
Fixed that with: ...append(String.valueOf(c))...
Original issue reported on code.google.com by [email protected]
on 24 Jan 2013 at 4:36