Skip to content

gothren/jacksonvulnerableapp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
exploit
exploit
 
 
src/main/java/org/some/company
src/main/java/org/some/company
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Purpose of this repo

The repo demonstrates Jackson serialization vulnerability as described in:

  1. https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
  2. https://medium.com/@swapneildash/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038
  3. https://blog.doyensec.com/2019/07/22/jackson-gadgets.html

The exploitable vulnerability demonstrated here is: https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-32043. We demonstrate the exploit by remotely executing a calculator app.

What this repo contains

  • A vulnerable app, run using Micronaut web framework.
  • The app exposes two endpoints - POST to /user, and POST to /org. Both endpoints are vulnerable but the vulnerability is enabled in two different ways. See AppController.java

How to run the exploit

Prerequisites:

  • java 8
  • maven
  • realpath unix command line utility (just to run the script)

How to run on MacOS

  1. mvn install
  2. mvn exec:exec to run the Micronaut server
  3. cd exploit && ./run_org_exploit.sh or
  4. cd exploit && ./run_user_exploit.sh

You should see the calculator app popping up.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages