Skip to content

bbossola/vulnerability-java-samples

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

security status stability status (hey, the low security is intentional here!)

Sample exploits of common vulnerabilities in Java librarires. Please go to my blog for a detailed explanation!

how to use this?

You can compile the code using Maven, standard structure: in the /target subfolder you will get an executable jar that will run the exploitable server.

The exploit class is availabile in the /exploit subfolder, you can find there the exploit itself (unsurprisingly named Exploit.java) and a super simple Encoder class, that will encode the Exploit code in base64 to be included in the JSON

In the /curls folder you will find sample curls to invoke the list and add REST API, plus the exploit.sh and the exploit.json file.

Please enjoy and be wary that all these information are publicly available on the internet. This is just a summary post from a cybersecurity practitioner and nothing else. The code provided is for research purposes only.

credits

https://github.com/mbechler/marshalsec

About

Sample exploits of common vulnerabilities in Java librarires

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published