Skip to content

hacklikeared/Java_Deserialization

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Challenge
Challenge
 
 
README.md
README.md
 
 
docker_tomcat.sh
docker_tomcat.sh
 
 
setup_tomcat.sh
setup_tomcat.sh
 
 
stop_docker.sh
stop_docker.sh
 
 

Repository files navigation

Deserialization Vulnerabilities: Root Cause and Importance

Chapter 1: Introduction to Java Deserialization

Powered by Deloitte Romania - Cyber Risk Advisory Team

Hello,

Welcome to the Git corresponding to the hands on challenge corresponding to the blog post "Deserialization vulnerabilities: root cause and importance".

The contents of this repository is focuesd on introducing you to how Java Deserialization exploits work by helping you setup a vulnerable Java Web Application in an isolated local docker environment. The challenge consists of identifying and successfully exploiting the Java Deserialization vulnerability in order to obtain Remote Code Execution on the target, and, if you like CTFs, getting the flag.

Disclaimer:

Although no file of this challenge is considered malware, it is unadvised to run/install them on "Production" systems.

Writeup

The solution/writeup for this challenge can be found in the PDF hosted on our blog page.

About

Introduction to Java Deserialization via local docker setup

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages