Java-Unserialization-Study
Just for learn Java's unserialize vulnerability. More code will be pushed later.
Vulnerability analysis articles will be published on my blog :)
Vulnerability
I plan to analyze the following security vulnerabilities.
- [x] Spring-tx unserialize vulnerability.
- [x] Apache Commons Collections unserizlize vulnerability.
- [x] JDK7u21 vulnerability.
- [x] JDK8u20 vulnerability.
- [x] FastJSON unserialize vulnerability.
- [ ] Jackson unserialize vulnerability.
- [x] Apache Shiro unserialize vulnerability.