apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

[pitboss] phase 03: Track J.1 + Track L.1 — DESERIALIZE corpus + Java/Python/PHP/Ruby adapters

Browse source
This commit is contained in:
pitboss 2026-05-17 16:37:20 -05:00
parent 01fcaab310
commit 9dc60b51c0
33 changed files with 1625 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tests/dynamic_fixtures/deserialize/java/vuln.java Normal file
View file

@ -0,0 +1,16 @@
// Phase 03 (Track J.1) Java deserialize vuln fixture.
//
// The function reads bytes off the wire and hands them straight to
// `ObjectInputStream.readObject` without restricting `resolveClass`.
// A gadget chain inside the byte stream is materialised before any
// allowlist check fires, so a CVE-class object-injection is reachable.
import java.io.ByteArrayInputStream;
import java.io.ObjectInputStream;
public class Vuln {
public static Object run(byte[] payload) throws Exception {
ByteArrayInputStream bis = new ByteArrayInputStream(payload);
ObjectInputStream ois = new ObjectInputStream(bis);
return ois.readObject();
}
}