Merge

.gitignore

@@ -0,0 +1,48 @@
+# Created by .ignore support plugin (hsz.mobi)
+### Gradle template
+.gradle
+/build/
+
+# Ignore Gradle GUI config
+gradle-app.setting
+
+# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored)
+!gradle-wrapper.jar
+
+# Cache of project
+.gradletasknamecache
+
+# # Work around https://youtrack.jetbrains.com/issue/IDEA-116898
+# gradle/wrapper/gradle-wrapper.properties
+### Java template
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+#*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+### Example user template template
+### Example user template
+
+# IntelliJ project files
+.idea
+*.iml
+out
+gen

Readme.md

@@ -1,7 +1,7 @@
 # Freddy the Serial(isation) Killer  - Deserialization Bug Finder #
 A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.
 
-Based on the work of Alvaro Muñoz and Oleksandr Mirosh, [Friday the 13th: JSON Attacks](https://www.blackhat.com/us-17/briefings.html#friday-the-13th-json-attacks), which they presented at Black Hat USA 2017 and DEF CON 25. In their work they reviewed a range of JSON and XML serialisation libraries for Java and .NET and found that many of them support serialisation of arbitrary runtime objects and as a result are vulnerable in the same way as many serialisation technologies are - snippets of code (POP gadgets) that execute during or soon after deserialisation can be controlled using the properties of the serialized objects, often opening up the potential for arbitrary code or command execution.
+This useful extension was originally developed by Nick Bloor (@nickstadb) for NCC Group and is mainly based on the work of Alvaro Muñoz and Oleksandr Mirosh, [Friday the 13th: JSON Attacks](https://www.blackhat.com/us-17/briefings.html#friday-the-13th-json-attacks), which they presented at Black Hat USA 2017 and DEF CON 25. In their work they reviewed a range of JSON and XML serialisation libraries for Java and .NET and found that many of them support serialisation of arbitrary runtime objects and as a result are vulnerable in the same way as many serialisation technologies are - snippets of code (POP gadgets) that execute during or soon after deserialisation can be controlled using the properties of the serialized objects, often opening up the potential for arbitrary code or command execution.
 
 Further modules supporting more formats including YAML and AMF are also included, based on the paper [Java Unmarshaller Security - Turning your data into code execution](https://github.com/mbechler/marshalsec/blob/master/marshalsec.pdf) and tool [marshalsec](https://github.com/mbechler/marshalsec) by Moritz Bechler.
 
@@ -69,4 +69,4 @@ The following targets are currently supported (italics are new in v2.0):
 - Sweet.Jayson (detection)
 - *XmlSerializer (detection, RCE)*
 
-Released under agpl-3.0, see LICENSE for more informatio
+Released under agpl-3.0, see LICENSE for more information

build.gradle

@@ -1,4 +1,6 @@
-apply plugin: 'java'
+plugins {
+    id 'java'
+}
 
 compileJava.options.encoding = 'UTF-8'
 
@@ -7,13 +9,43 @@ repositories {
 }
 
 dependencies {
-    compile 'net.portswigger.burp.extender:burp-extender-api:1.7.13'
+    implementation 'net.portswigger.burp.extender:burp-extender-api:1.7.22'
+    testCompile 'junit:junit:4.12'
 }
 
-sourceSets {
-    main {
-        java {
-            srcDir 'src'
+def getVersionName = { ->
+    try {
+        def stdout = new ByteArrayOutputStream()
+        exec {
+            commandLine 'git', 'describe', '--tags', '--abbrev=0'
+            standardOutput = stdout
+        }
+        def tag = stdout.toString().trim()
+        stdout.reset()
+        exec {
+            commandLine 'git', 'describe', '--all'
+            standardOutput = stdout
         }
+        if ('heads/master'.equalsIgnoreCase(stdout.toString().trim()) || stdout.toString().trim().contains(tag)) {
+            return tag
+        } else {
+            // Adding the branch name to the version
+            def ver = stdout.toString().trim()
+            return tag+'-' + ver.substring(ver.indexOf('/')+1)
+        }
+    }
+    catch (ignored) {
+        return null
     }
 }
+sourceCompatibility = 1.8
+// deviates from standard Gradle directory structure
+sourceSets.main.java.srcDirs = ['src']
+
+version = getVersionName()
+group 'trust.nccgroup'
+
+jar {
+    from { configurations.compile.collect { it.isDirectory() ? it : zipTree(it) } }
+}
+