Cleaned up version of #14 #20

Merged
merged 25 commits into from
Mar 13, 2016
Changes from 22 commits
Commits
a69ce66
Add ability to generate TemplatesImpl payloads with an actual non-sha…
mbechler Mar 5, 2016
7157d5e
Some basic cleanups (warnings, imports)
mbechler Mar 5, 2016
8dfce7e
Add custom test infrastructure.
mbechler Mar 5, 2016
436e831
Add JRMP utilities, gadgets and test code.
mbechler Mar 5, 2016
bd21624
Add hibernate gadget chains.
mbechler Mar 5, 2016
4130fc5
Add spring variant and json-lib gadget chain.
mbechler Mar 5, 2016
6f9c8dc
Rename beanutils gadget
mbechler Mar 5, 2016
20580e9
Add commons fileupload file operation gadget chain.
mbechler Mar 5, 2016
c8e8223
Add C3P0 gadget chain.
mbechler Mar 5, 2016
bba1460
Remove wrong copyright notices, again
mbechler Mar 5, 2016
d665880
Move payload annotation to annotation package.
mbechler Mar 5, 2016
7879428
Add MyFaces gadgets.
mbechler Mar 5, 2016
6bb0d80
Some cleanup of myfaces gadgets.
mbechler Mar 5, 2016
c94779b
Add jenkins client and exploits (CVE-2016-0788)
mbechler Mar 6, 2016
37dbcf5
Fix fileupload test reliability
mbechler Mar 6, 2016
8beeec6
Add JBoss/Wildfly exploitation client.
mbechler Mar 6, 2016
5fc361d
A final touch
mbechler Mar 6, 2016
4795bce
Add hook for payload generators to modify the object before finalizer…
mbechler Mar 6, 2016
b814712
Fix HashMap creation for java7.
mbechler Mar 6, 2016
eabfce0
Disable json-lib test as the gadget chain depends on the HashMap orde…
mbechler Mar 6, 2016
3273b27
JRMPListener Java6 compatibility.
mbechler Mar 6, 2016
2d69621
Made json-lib gadget chain more reliable.
mbechler Mar 7, 2016
6873a43
Drop empty javadocs.
mbechler Mar 9, 2016
bdb1e0d
Add some tooling docs
mbechler Mar 9, 2016
3230c08
Add rome (RSS/Atom library) gadget chain.
mbechler Mar 12, 2016
181 changes: 171 additions & 10 deletions pom.xml
Expand Up @@ -28,7 +28,7 @@
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<configuration>
<finalName>${project.artifactId}-${project.version}-all</finalName>
<finalName>${project.artifactId}-${project.version}-all</finalName>
<appendAssemblyId>false</appendAssemblyId>
<archive>
<manifest>
Expand All @@ -51,6 +51,14 @@
</plugin>
</plugins>
</build>

<repositories>
<repository>
<id>jenkins</id>
<layout>default</layout>
<url>http://repo.jenkins-ci.org/public/</url>
</repository>
</repositories>

<dependencies>

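Review bot: The new `<repository>` entry points at a plain `http://` URL (`http://repo.jenkins-ci.org/public/`), so anything resolved from it is downloaded without transport integrity and could be swapped in transit. Use an `https://` URL if the repository offers one, and add an XML comment naming the dependency that needs this repository so it can be removed once that dependency is available elsewhere.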
Expand All @@ -74,6 +82,13 @@
<version>1.8.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.nanohttpd</groupId>
<artifactId>nanohttpd</artifactId>
<version>2.2.0</version>
<scope>test</scope>
</dependency>


<!-- non-gadget dependencies -->

Expand All @@ -93,6 +108,52 @@
<artifactId>javassist</artifactId>
<version>3.19.0-GA</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
<dependency>
<artifactId>remoting</artifactId>
<groupId>org.jenkins-ci.main</groupId>
<version>2.55</version>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
<version>3.3.0.Final</version>
</dependency>
<dependency>
<groupId>org.jboss.remoting</groupId>
<artifactId>jboss-remoting</artifactId>
<version>4.0.19.Final</version>
</dependency>
<dependency>
<groupId>org.jboss</groupId>
<artifactId>jboss-common-core</artifactId>
<version>2.5.0.Final</version>
<exclusions>
<exclusion>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging-spi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.jboss.xnio</groupId>
<artifactId>xnio-nio</artifactId>
<version>3.3.4.Final</version>
</dependency>
<dependency>
<groupId>org.jboss.sasl</groupId>
<artifactId>jboss-sasl</artifactId>
<version>1.0.5.Final</version>
</dependency>
<dependency>
<groupId>org.jboss.remotingjmx</groupId>
<artifactId>remoting-jmx</artifactId>
<version>2.0.1.Final</version>
</dependency>

<!-- gadget dependecies -->

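Review bot: The `<exclusions>` block on `jboss-common-core` drops `jboss-logging-spi` without saying why; add a short XML comment there so the exclusion is not removed or copied blindly later. The `remoting` entry also lists `<artifactId>` before `<groupId>`, unlike the other dependencies in this file, and none of the new client libraries declare a scope, so it is worth confirming each one is needed at runtime rather than only by tests.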
Expand All @@ -102,15 +163,15 @@
<version>3.1</version>
</dependency>
<dependency>
<groupId>org.beanshell</groupId>
<artifactId>bsh</artifactId>
<version>2.0b5</version>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
<version>1.9.2</version>
</dependency>
<groupId>org.beanshell</groupId>
<artifactId>bsh</artifactId>
<version>2.0b5</version>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
<version>1.9.2</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
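Review bot: As rendered here, the `bsh` and `commons-beanutils` entries are removed and re-added with the same coordinates and versions (`2.0b5`, `1.9.2`), which looks like re-indentation only. Keeping whitespace changes to dependency declarations in a separate commit makes it much easier to confirm that no version moved.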
Expand All @@ -131,5 +192,105 @@
<artifactId>spring-beans</artifactId>
<version>4.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>4.3.11.Final</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>4.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>net.sf.json-lib</groupId>
<artifactId>json-lib</artifactId>
<classifier>jdk15</classifier>
<version>2.4</version>
</dependency>
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.3</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<dependency>
<groupId>org.apache.myfaces.core</groupId>
<artifactId>myfaces-impl</artifactId>
<version>2.2.9</version>
</dependency>
<dependency>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
<version>2.7.2</version>
</dependency>
</dependencies>

<profiles>
<profile>
<id>hibernate5</id>
<activation>
<property>
<name>hibernate5</name>
</property>
</activation>
<dependencies>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>5.0.7.Final</version>
</dependency>
</dependencies>
</profile>

<profile>
<id>apache-el</id>
<activation>
<activeByDefault>true</activeByDefault>
<property>
<name>el</name>
<value>apache</value>
</property>
</activation>
<dependencies>
<dependency>
<groupId>org.mortbay.jasper</groupId>
<artifactId>apache-el</artifactId>
<version>8.0.27</version>
</dependency>
</dependencies>
</profile>

<profile>
<id>juel</id>
<activation>
<property>
<name>el</name>
<value>juel</value>
</property>
</activation>
<dependencies>
<dependency>
<groupId>de.odysseus.juel</groupId>
<artifactId>juel-impl</artifactId>
<version>2.2.7</version>
</dependency>
<dependency>
<groupId>de.odysseus.juel</groupId>
<artifactId>juel-api</artifactId>
<version>2.2.7</version>
</dependency>
</dependencies>
</profile>

</profiles>
</project>
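Review bot: In the `apache-el` profile, `<activeByDefault>true</activeByDefault>` is combined with property activation, and Maven deactivates active-by-default profiles as soon as any other profile in the POM is activated. Building with `-Dhibernate5` alone would therefore drop `apache-el` and leave no EL implementation on the classpath. Replacing `activeByDefault` with a negated value on the same property (`<name>el</name>` with `<value>!juel</value>`) keeps Apache EL as the default independently of the `hibernate5` profile. The `hibernate5` profile also redeclares `hibernate-core`, which the main `<dependencies>` block already pins to `4.3.11.Final`; a comment stating that the profile is meant to override that version would help.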
2 changes: 2 additions & 0 deletions src/main/java/ysoserial/GeneratePayload.java
Expand Up @@ -30,13 +30,15 @@ public static void main(final String[] args) {
System.err.println("Invalid payload type '" + payloadType + "'");
printUsage();
System.exit(USAGE_CODE);
return; // make null analysis happy
}

try {
final ObjectPayload payload = payloadClass.newInstance();
final Object object = payload.getObject(command);
PrintStream out = System.out;
Serializer.serialize(object, out);
ObjectPayload.Utils.releasePayload(payload, object);
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload");
e.printStackTrace();
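Review bot: `ObjectPayload.Utils.releasePayload(payload, object);` is the last statement inside the `try`, so it is skipped whenever `payload.getObject(command)` or `Serializer.serialize(object, out)` throws. If the release step is meant to undo state set up while building the payload, move it into a `finally` block, declaring `payload` and `object` before the `try` and guarding against `object` being null. The `return; // make null analysis happy` after `System.exit(USAGE_CODE)` is harmless, but the comment could name the analyzer it is there for.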