diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..19271cb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,43 @@
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### IntelliJ IDEA ###
+.idea/modules.xml
+.idea/jarRepositories.xml
+.idea/compiler.xml
+.idea/libraries/
+*.iws
+*.iml
+*.ipr
+
+### Eclipse ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/
+
+### Mac OS ###
+.DS_Store
+
+### 自定义
+lib/
+out/
+target/
\ No newline at end of file
diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..13566b8
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/.idea/artifacts/deswing_jar.xml b/.idea/artifacts/deswing_jar.xml
new file mode 100644
index 0000000..089102c
--- /dev/null
+++ b/.idea/artifacts/deswing_jar.xml
@@ -0,0 +1,17 @@
+
+
+ $PROJECT_DIR$/out/artifacts/deswing_jar
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/encodings.xml b/.idea/encodings.xml
new file mode 100644
index 0000000..29cbb48
--- /dev/null
+++ b/.idea/encodings.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
new file mode 100644
index 0000000..132404b
--- /dev/null
+++ b/.idea/misc.xml
@@ -0,0 +1,14 @@
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/uiDesigner.xml b/.idea/uiDesigner.xml
new file mode 100644
index 0000000..683f2c7
--- /dev/null
+++ b/.idea/uiDesigner.xml
@@ -0,0 +1,132 @@
+
+
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+
+
+
+ -
+
+
+
+
+
+ -
+
+
+
+
+
+ -
+
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+ -
+
+
+
+
+ -
+
+
+ -
+
+
+
+
+ -
+
+
+ -
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..94a25f7
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0a0124e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,11 @@
+# deswing
+
+这是一个Java反序列化工具
+
+集成ysoserial,一键生成并导出反序列化利用连payload。
+
+
+
+推荐运行环境:Java1.8-Java11
+
+经测试不支持 Java17+
diff --git a/img/img.png b/img/img.png
new file mode 100644
index 0000000..a9045d7
Binary files /dev/null and b/img/img.png differ
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..89dc0d3
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,75 @@
+
+
+ 4.0.0
+
+ org.zof
+ deswing
+ 1.0-SNAPSHOT
+
+
+ 11
+ 11
+ UTF-8
+
+
+
+ ysoserial
+ ysoserial
+ 0.0.6
+ system
+ D:/project/java/deswing/lib/ysoserial.jar
+
+
+ com.formdev
+ flatlaf
+ 3.4.1
+
+
+ com.intellij
+ forms_rt
+ 7.0.3
+
+
+
+
+
+ lib
+ ./
+
+ **/*.jar
+
+
+
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-assembly-plugin
+
+
+ package
+
+ single
+
+
+
+
+ org.zof.deswing.MainWindow
+
+
+
+ jar-with-dependencies
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/org/zof/deswing/MainWindow.form b/src/main/java/org/zof/deswing/MainWindow.form
new file mode 100644
index 0000000..eee4cc4
--- /dev/null
+++ b/src/main/java/org/zof/deswing/MainWindow.form
@@ -0,0 +1,54 @@
+
+
diff --git a/src/main/java/org/zof/deswing/MainWindow.java b/src/main/java/org/zof/deswing/MainWindow.java
new file mode 100644
index 0000000..1c8b733
--- /dev/null
+++ b/src/main/java/org/zof/deswing/MainWindow.java
@@ -0,0 +1,27 @@
+package org.zof.deswing;
+
+import com.formdev.flatlaf.themes.FlatMacLightLaf;
+import com.intellij.uiDesigner.core.GridConstraints;
+import com.intellij.uiDesigner.core.GridLayoutManager;
+import com.intellij.uiDesigner.core.Spacer;
+import org.zof.deswing.ui.ExploitPanel;
+import org.zof.deswing.ui.PayloadPanel;
+
+import javax.swing.*;
+import java.awt.*;
+
+public class MainWindow {
+ private JPanel contentPane;
+ private JTabbedPane tabbedPane;
+
+ public static void main(String[] args) {
+ FlatMacLightLaf.setup();
+ JFrame frame = new JFrame("Java反序列化利用工具 by 零溢出");
+ frame.setContentPane(new MainWindow().contentPane);
+ frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+ frame.setSize(600, 600);
+ frame.setLocationRelativeTo(null);
+ frame.setVisible(true);
+ }
+
+}
diff --git a/src/main/java/org/zof/deswing/model/PayloadTableModel.java b/src/main/java/org/zof/deswing/model/PayloadTableModel.java
new file mode 100644
index 0000000..b87f16d
--- /dev/null
+++ b/src/main/java/org/zof/deswing/model/PayloadTableModel.java
@@ -0,0 +1,46 @@
+package org.zof.deswing.model;
+
+import ysoserial.Strings;
+import ysoserial.payloads.ObjectPayload;
+import ysoserial.payloads.annotation.Authors;
+import ysoserial.payloads.annotation.Dependencies;
+
+import javax.swing.table.DefaultTableModel;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Vector;
+
+public class PayloadTableModel extends DefaultTableModel {
+ private Vector> tableData;
+ public PayloadTableModel() {
+ tableData = initTableModel();
+ Vector columns = new Vector<>();
+ columns.add("Payload");
+ columns.add("Authors");
+ columns.add("Dependencies");
+ setDataVector(tableData,columns);
+ }
+ public String getPayloadType(int i){
+ return tableData.get(i).get(0);
+ }
+ private Vector> initTableModel() {
+ Vector> data = new Vector<>();
+ final List> payloadClasses =
+ new ArrayList<>(ObjectPayload.Utils.getPayloadClasses());
+ payloadClasses.sort(new Strings.ToStringComparator()); // alphabetize
+
+ for (Class payloadClass : payloadClasses) {
+ Vector row = new Vector<>();
+ row.add(payloadClass.getSimpleName());
+ row.add(Strings.join(Arrays.asList(Authors.Utils.getAuthors(payloadClass)), ", ", "@", ""));
+ row.add(Strings.join(Arrays.asList(Dependencies.Utils.getDependenciesSimple(payloadClass)),", ", "", ""));
+ data.add(row);
+ }
+ return data;
+ }
+ @Override
+ public boolean isCellEditable(int row, int column) {
+ return false;
+ }
+}
diff --git a/src/main/java/org/zof/deswing/ui/ExploitPanel.form b/src/main/java/org/zof/deswing/ui/ExploitPanel.form
new file mode 100644
index 0000000..8ffc4b7
--- /dev/null
+++ b/src/main/java/org/zof/deswing/ui/ExploitPanel.form
@@ -0,0 +1,22 @@
+
+
diff --git a/src/main/java/org/zof/deswing/ui/ExploitPanel.java b/src/main/java/org/zof/deswing/ui/ExploitPanel.java
new file mode 100644
index 0000000..253b101
--- /dev/null
+++ b/src/main/java/org/zof/deswing/ui/ExploitPanel.java
@@ -0,0 +1,15 @@
+package org.zof.deswing.ui;
+
+import com.intellij.uiDesigner.core.GridConstraints;
+import com.intellij.uiDesigner.core.GridLayoutManager;
+
+import javax.swing.*;
+import javax.swing.plaf.FontUIResource;
+import javax.swing.text.StyleContext;
+import java.awt.*;
+import java.util.Locale;
+
+public class ExploitPanel {
+ private JPanel panel;
+
+}
diff --git a/src/main/java/org/zof/deswing/ui/PayloadPanel.form b/src/main/java/org/zof/deswing/ui/PayloadPanel.form
new file mode 100644
index 0000000..626f514
--- /dev/null
+++ b/src/main/java/org/zof/deswing/ui/PayloadPanel.form
@@ -0,0 +1,50 @@
+
+
diff --git a/src/main/java/org/zof/deswing/ui/PayloadPanel.java b/src/main/java/org/zof/deswing/ui/PayloadPanel.java
new file mode 100644
index 0000000..ff278fa
--- /dev/null
+++ b/src/main/java/org/zof/deswing/ui/PayloadPanel.java
@@ -0,0 +1,63 @@
+package org.zof.deswing.ui;
+
+import com.intellij.uiDesigner.core.GridConstraints;
+import com.intellij.uiDesigner.core.GridLayoutManager;
+import org.zof.deswing.model.PayloadTableModel;
+import ysoserial.Serializer;
+import ysoserial.payloads.ObjectPayload;
+
+import javax.swing.*;
+import javax.swing.table.DefaultTableModel;
+import java.awt.*;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.PrintStream;
+import java.util.Vector;
+
+public class PayloadPanel {
+ private JTable table;
+ private JPanel panel;
+ private JTextField commandField;
+ private JButton exportBtn;
+ private PayloadTableModel tableModel;
+
+ public PayloadPanel() {
+ tableModel = new PayloadTableModel();
+ table.setModel(tableModel);
+ table.setSelectionMode(ListSelectionModel.SINGLE_SELECTION);
+ exportBtn.addActionListener(e -> {
+ int selectedRow = table.getSelectedRow();
+ if (selectedRow == -1) {
+ JOptionPane.showMessageDialog(panel, "Please select a payload");
+ return;
+ }
+ if (commandField.getText().isEmpty()) {
+ JOptionPane.showMessageDialog(panel, "Please enter a command");
+ return;
+ }
+ String payloadType = tableModel.getPayloadType(table.getSelectedRow());
+ JFileChooser chooser = new JFileChooser();
+ chooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
+ chooser.showSaveDialog(null);
+ File file = chooser.getSelectedFile();
+ if (file == null) {
+ JOptionPane.showMessageDialog(panel, "Please select a file");
+ return;
+ }
+ final Class payloadClass = ObjectPayload.Utils.getPayloadClass(payloadType);
+ try {
+ final ObjectPayload payload = payloadClass.newInstance();
+ final Object object = payload.getObject(commandField.getText());
+ FileOutputStream fos = new FileOutputStream(file);
+ Serializer.serialize(object, fos);
+ ObjectPayload.Utils.releasePayload(payload, object);
+ JOptionPane.showMessageDialog(null, "success");
+ } catch (Exception ex) {
+ JOptionPane.showMessageDialog(panel, ex.getMessage());
+ }
+ });
+ }
+
+}
diff --git a/src/main/resources/META-INF/MANIFEST.MF b/src/main/resources/META-INF/MANIFEST.MF
new file mode 100644
index 0000000..b56b5cd
--- /dev/null
+++ b/src/main/resources/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Main-Class: org.zof.deswing.MainWindow
+