Skip to content
/ Lord_of_Cereal Public

Java deserialization tool for creating encrypted and HMAC protected payloads.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Keramas/Lord_of_Cereal

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
Lord_of_Cereal.py
Lord_of_Cereal.py
 
 
README.md
README.md
 
 
java_exploits.py
java_exploits.py
 
 

Repository files navigation

Lord of Cereal

Java serialization tool for creating encrypted and HMAC protected payloads.

"For times when the server doesn't want to eat the cereal we are feeding it."

Alt Text Cereal

Overview:

This tool is meant for situations when the encryption and/or HMAC secret from the web.xml file is leaked from the server (through LFI or other means). The secret can be used in this tool so that payloads are encrypted and HMAC protected and then sent to the server for execution.

Encryption method:

  • DES
  • (Coming soon: AES)

Digest method:

  • HMAC-SHA1
  • (More to come soon)

Payload formatting options:

  • Powershell
  • Bash
  • (Python/Perl coming soon!)

Sample command:

python Lord_of_Cereal.py -u "http://192.168.1.10:8080/sub.faces" -e DES -s s3cr3tk3y -p commons3 -t javax.faces.ViewState -c "ping 192.168.10.8" -f powershell

To do (tool still a work in progress):

  • Add support for other encryption methods
  • Add support for other HMAC digest methods
  • Add separate option for when the encryption secret and HMAC secret differ
  • Add switches for Java payload types
  • Add Python and Perl support as payload options

About

Java deserialization tool for creating encrypted and HMAC protected payloads.

Topics

deserialization java-deserialization security-testing web-testing

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages