├── .gitignore ├── .idea ├── .gitignore ├── encodings.xml ├── misc.xml ├── uiDesigner.xml └── vcs.xml ├── LICENSE ├── README.md ├── burp.png ├── pom.xml ├── rce-demo.png └── src └── main └── java └── org └── gaw ├── Exploit.java ├── GenerateEvilPayload.java ├── linoma └── Cryptor.java ├── utils └── Http.java └── ysoserial ├── Deserializer.java ├── GeneratePayload.java ├── Serializer.java ├── Strings.java ├── YsoConfig.java ├── payloads ├── CommonsBeanutils1.java ├── ObjectPayload.java ├── ReleaseableObjectPayload.java ├── annotation │ ├── Authors.java │ └── Dependencies.java └── util │ ├── BASE64Decoder.java │ ├── ClassFiles.java │ ├── CommonUtil.java │ ├── DirtyDataWrapper.java │ ├── Gadgets.java │ ├── PayloadRunner.java │ └── Reflections.java └── secmgr └── ExecCheckingSecurityManager.java /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.gitignore -------------------------------------------------------------------------------- /.idea/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.idea/.gitignore -------------------------------------------------------------------------------- /.idea/encodings.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.idea/encodings.xml -------------------------------------------------------------------------------- /.idea/misc.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.idea/misc.xml -------------------------------------------------------------------------------- /.idea/uiDesigner.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.idea/uiDesigner.xml -------------------------------------------------------------------------------- /.idea/vcs.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/.idea/vcs.xml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/README.md -------------------------------------------------------------------------------- /burp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/burp.png -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/pom.xml -------------------------------------------------------------------------------- /rce-demo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/rce-demo.png -------------------------------------------------------------------------------- /src/main/java/org/gaw/Exploit.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/Exploit.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/GenerateEvilPayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/GenerateEvilPayload.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/linoma/Cryptor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/linoma/Cryptor.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/utils/Http.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/utils/Http.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/Deserializer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/Deserializer.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/GeneratePayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/GeneratePayload.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/Serializer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/Serializer.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/Strings.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/Strings.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/YsoConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/YsoConfig.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/CommonsBeanutils1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/CommonsBeanutils1.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/ObjectPayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/ObjectPayload.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/ReleaseableObjectPayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/ReleaseableObjectPayload.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/annotation/Authors.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/annotation/Authors.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/annotation/Dependencies.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/annotation/Dependencies.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/BASE64Decoder.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/BASE64Decoder.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/ClassFiles.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/ClassFiles.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/CommonUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/CommonUtil.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/DirtyDataWrapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/DirtyDataWrapper.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/Gadgets.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/Gadgets.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/PayloadRunner.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/PayloadRunner.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/payloads/util/Reflections.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/payloads/util/Reflections.java -------------------------------------------------------------------------------- /src/main/java/org/gaw/ysoserial/secmgr/ExecCheckingSecurityManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xf4n9x/CVE-2023-0669/HEAD/src/main/java/org/gaw/ysoserial/secmgr/ExecCheckingSecurityManager.java --------------------------------------------------------------------------------