GitHub - mb-syss/ruby-serialize

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
gadgets		gadgets
handlers		handlers
model		model
payloads		payloads
probes		probes
.gitignore		.gitignore
Gemfile		Gemfile
Gemfile.lock		Gemfile.lock
LICENSE		LICENSE
README		README
classfile.rb		classfile.rb
config.rb		config.rb
data.rb		data.rb
data_test.rb		data_test.rb
deserialize.rb		deserialize.rb
gadgets.rb		gadgets.rb
jmx.rb		jmx.rb
jrmp.rb		jrmp.rb
loader.rb		loader.rb
meterpreter.rb		meterpreter.rb
prober.rb		prober.rb
rmi.rb		rmi.rb
runner.rb		runner.rb
serialize.rb		serialize.rb
serialize_test.rb		serialize_test.rb
test-client.rb		test-client.rb
test-dos.rb		test-dos.rb
test-loader.rb		test-loader.rb
test-probe.rb		test-probe.rb
test.rb		test.rb
util.rb		util.rb

Repository files navigation

Java Serializer in Ruby using Metamodel

Also:
+ Discovery of available gadget classes (blind + remote)
+ JRMP/RMI Client
+ JMX/RMI Scanning (related: metasploit modules available)

Currently ported payloads:
- Commons Collections (very portable variant)
- Commons Beanutils
- C3P0
- Groovy
- Hibernate Validator
- Jython
- ROME
- Spring JTA
- Hibernate ORM
- Rhino
- net.sf.JSON
- Beanshell


Pros:
- in many cases generates smaller payloads
- no need to carry around possibly hundreds of megabytes of 
  libraries/maven respositories (and possibly malicious code)
- metasploit integration
- directly inject meterpreter through serialized payloads
- addresses some other issues with practical use of ysoserial, including
   * proper shell commandsline handling
   * better support for payload variants
   * parametrization


See test*.rb for some usage examples