GitHub

Build using mvn package.

JTalos Syntax:

echo {name-of-vulnerable-methods-to-be-instrumented} > SWRR_OPTIONS

java -jar {path-to-'sootclasses-trunk-jar-with-dependencies.jar} soot.jtalos.SWRRInject -pp \
-soot-class-path {path-to-vulnerable-jar} {fully-qualified-name-of-vulnerable-class} -w -allow-phantom-refs

Example runs:

henrikswoon@henrikswoon-ThinkPad-T480s:~/Documents/Code/root/out/artifacts/calculator$ java -jar /home/henrikswoon/Documents/Code/soot/target/sootclasses-trunk-jar-with-dependencies.jar -pp -soot-class-path ./:root.jar -process-dir root.jar

java -jar ~/Documents/Code/soot/target/sootclasses-trunk-jar-with-dependencies.jar -pp -soot-class-path ./ Hello -f class -src-prec jimple

java -cp /home/henrikswoon/Documents/Code/soot/target/sootclasses-trunk-jar-with-dependencies.jar soot.MyAnalyzer.Main -pp -soot-class-path root.jar -process-dir root.jar

java -jar target/jtalos-1.0-SNAPSHOT-jar-with-dependencies.jar -process-dir /home/henrikswoon/Documents/Code/HelloWorld/ -w
~/Documents/Code/exploitDB/A03/CWE-20$ java -cp /home/henrikswoon/Documents/Code/jtalos/target/jtalos-1.0-SNAPSHOT-jar-with-dependencies.jar soot.jtalos.SWRRInject -pp -soot-class-path jenkins_instrumented/WEB-INF/lib/xstream-1.4.7-jenkins-1.jar com.thoughtworks.xstream.XStream -whole-program -allow-phantom-refs

java -cp ~/Documents/Code/jtalos/target/jtalos-1.0-SNAPSHOT-jar-with-dependencies.jar soot.jtalos.SWRRInject -pp -soot-class-path /home/henrikswoon/Documents/Code/exploitDB/A04/CWE-522/flink-instrumented-1.11.0/lib/flink-dist_2.11-1.11.0.jar org.apache.flink.runtime.rest.handler.job.JobManagerCustomLogHandler -w -allow-phantom-refs

java -cp ~/Documents/Code/jtalos/target/jtalos-1.0-SNAPSHOT-jar-with-dependencies.jar soot.jtalos.SWRRInject -pp -soot-class-path /home/henrikswoon/Documents/Code/exploitDB/A04/CWE-522/flink-instrumented-1.11.0/lib/flink-dist_2.11-1.11.0.jar org.apache.flink.runtime.rest.handler.cluster.JobManagerCustomLogHandler -w -allow-phantom-refs

henrikswoon@henrikswoon-ThinkPad-T480s:~/Documents/Code/exploitDB/A03/CWE-164/CVE-2025-27636-Apache-Camel-PoC-Instrumented/camel-jars-instrumented$ java -cp ~/Documents/Code/jtalos/target/jtalos-1.0-SNAPSHOT-jar-with-dependencies.jar soot.jtalos.SWRRInject -pp -soot-class-path /home/henrikswoon/Documents/Code/exploitDB/A03/CWE-164/CVE-2025-27636-Apache-Camel-PoC-Instrumented/camel-jars-instrumented/camel-support-4.10.0.jar org.apache.camel.support.DefaultHeaderFilterStrategy -w -allow-phantom-refs

Try to instrument HelloWorld found in '/example'!:)

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
example/HelloWorld		example/HelloWorld
src/main/java/henriksson-melker		src/main/java/henriksson-melker
.gitignore		.gitignore
README.md		README.md
TODO.md		TODO.md
calculator_instrumented.jar		calculator_instrumented.jar
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Uh oh!

Releases

Packages

Uh oh!

Languages

Henrikswoon/JTalos

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages