A collection of Java Deserialization Exploits.

A collection of Java Deserialization Exploits.

A collection of Java Deserialization Exploits, Currently this repo contains exploits for the following vulnerabilities:
+ Cisco Prime Infrastructure Java Deserialization RCE (CVE-2016-1291), The python script uses ysoserial to dynamically generate the payload. Therefore java is required as well.
+ IBM WebSphere Java Object Deserialization RCE (CVE-2015-7450)
+ OpenNMS Java Object Deserialization RCE (No CVE ?)Java-Deserialization-Exploits

Requirements:
+ Java
+ python 2.7.x
+ All Operating System Support

Usage:

Download: java_deserialization_exploits.zip
Source: https://github.com/CoalfireLabs