Serial Killer Silently Pwning Your Java Endpoints
New RCE Gadget in Jython (CVE pending)
org.python.core.PyFunction
Serializable InvocationHandler
Upon function interception custom Python bytecode will be called
Only Python built-in functions can be called
Importing modules is not possible: no os.system() sorry :(
Still we can read and write arbitrary files (can cause RCE in web app)
In order to invoke the payload a trigger gadget is needed
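The slide's gadget arrives as a dynamic proxy whose Serializable InvocationHandler is a Jython object, so the defensive counterpart is to refuse such classes before ObjectInputStream ever instantiates them. The following is an added example (not code from the talk or from the Jython project) of a JEP 290 ObjectInputFilter that allow-lists the endpoint's own types, rejects every java.lang.reflect.Proxy class and the org.python.core package, and caps graph depth; the Ping DTO, the allow-list contents and the depth limit are constructed assumptions for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.lang.reflect.Proxy;
import java.util.HashMap;
import java.util.Set;

/**
 * Added example: deserialization allow-list filter (Java 9+ ObjectInputFilter).
 * Unknown classes, proxy classes and anything under org.python.core are
 * rejected before their readObject()/InvocationHandler code can run.
 */
public class SafeDeserialization {

    // Constructed sample DTO: the only application class this endpoint expects.
    public static final class Ping implements Serializable {
        private static final long serialVersionUID = 1L;
        final String msg;
        Ping(String msg) { this.msg = msg; }
    }

    // Assumed allow-list: application types plus the JDK value types they contain.
    private static final Set<String> ALLOWED = Set.of(Ping.class.getName(), "java.lang.String");

    // Assumed limit; legitimate Ping graphs are shallow, gadget chains usually are not.
    private static final int MAX_DEPTH = 10;

    static final ObjectInputFilter FILTER = info -> {
        if (info.depth() > MAX_DEPTH) {
            return ObjectInputFilter.Status.REJECTED;
        }
        Class<?> c = info.serialClass();
        if (c == null) {
            // Non-class checks (array length, reference count): leave undecided.
            return ObjectInputFilter.Status.UNDECIDED;
        }
        // For arrays, decide on the element type.
        while (c.isArray()) {
            c = c.getComponentType();
        }
        if (c.isPrimitive()) {
            return ObjectInputFilter.Status.ALLOWED;
        }
        // A Serializable InvocationHandler gadget rides inside a proxy class.
        if (Proxy.isProxyClass(c) || c.getName().startsWith("org.python.core.")) {
            return ObjectInputFilter.Status.REJECTED;
        }
        return ALLOWED.contains(c.getName())
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    };

    /** Deserialize untrusted bytes with the filter installed on this stream only. */
    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(FILTER);
            return in.readObject();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // The expected type passes the filter.
        Ping p = (Ping) readFiltered(serialize(new Ping("hello")));
        System.out.println("accepted: " + p.msg);

        // Anything outside the allow-list fails with InvalidClassException
        // before any of its deserialization hooks execute. Constructed stand-in: a HashMap.
        try {
            readFiltered(serialize(new HashMap<String, String>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The same policy can be applied process-wide with the jdk.serialFilter system property (a pattern such as `!org.python.core.**;!java.lang.reflect.Proxy;maxdepth=10;...`), but a per-stream filter keeps the allow-list next to the endpoint whose expected types it describes.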