A PoC for the Bamboo deserialization exploit.

A PoC for the Bamboo deserialization exploit (CVE-2015-6576), Bamboo is a continous build server from Atlassian.
introduction Deserialization Vulnerabilities in Java :
Deserialization vulnerabilities in Java are lesser known and exploited (compared to unserialize() in PHP). this bug class can be turned into serverside Remote Code Execution.

usage: ./bamboo.py host port /path/to/payload

bamboo.py Script:

Source : https://github.com/CallMeJonas