Deserialization Exploitation Framework

Deserializer Exploitation Framework

* Enumerate the code entry points
– What code does the deserializer call on my objects?

* Enumerate the immediate gadget pool
– What types does the deserializer allow me to specify?
– Can I stuff unexpected/disallowed types?

* Iterate on gadget chain extension
– Use static analysis / IDEs
– What methods can I reach from the invocation of a method X? Ideally, is there a path to method Y?
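
The three steps above are a review checklist; the following is an added example (not from the talk or this post) that walks them against Python's `pickle` as the deserializer, from the defender's side. The `Record` class, the `AllowlistUnpickler`, and the sample streams are constructed for the example. It shows the two entry points the deserializer calls (`__setstate__` on the object, `find_class` for every type the stream names), a static enumeration of the immediate gadget pool (which `module.name` pairs a stream asks for, without executing it), and an allowlist gate that refuses any type not explicitly expected:

```python
import collections
import io
import pickle
import pickletools


class Record:
    """Constructed sample type: the only object this application expects to receive."""

    def __init__(self, name, value):
        self.name = name
        self.value = value

    def __setstate__(self, state):
        # Entry point #1: the unpickler calls __setstate__ on every object that
        # defines it (BUILD opcode).  Whatever runs here runs on attacker-chosen data.
        self.__dict__.update(state)


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Enumerate the (module, name) pairs a pickle stream asks the deserializer to
    resolve, WITHOUT executing it.  This is the immediate gadget pool: every type or
    callable the stream can reach is named by a GLOBAL, INST or STACK_GLOBAL opcode."""
    refs = []
    strings = []  # best-effort view of the value stack: only str operands are tracked
    memo = {}     # memo slot -> str, so STACK_GLOBAL operands fetched via *GET resolve
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)
            refs.append((module, name))
        elif op.name == "STACK_GLOBAL":
            # protocol 4+: module and qualified name are the two strings on top
            name = strings.pop() if strings else None
            module = strings.pop() if strings else None
            refs.append((module, name))
        elif isinstance(arg, str):
            strings.append(arg)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = strings[-1] if strings else None
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = strings[-1] if strings else None
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            strings.append(memo.get(arg))
    return refs


class AllowlistUnpickler(pickle.Unpickler):
    """Entry point #2, hardened: find_class is consulted for every global the stream
    references, so an explicit allowlist here bounds the gadget pool."""

    # Extend deliberately, one class at a time; never allow whole modules.
    ALLOWED = {(Record.__module__, "Record")}

    def find_class(self, module, name):
        if (module, name) not in self.ALLOWED:
            raise pickle.UnpicklingError(f"disallowed type in stream: {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data: bytes):
    return AllowlistUnpickler(io.BytesIO(data)).load()


def screen_and_load(data: bytes):
    """Static pre-screen, then load behind the allowlist.
    Returns (referenced globals, object or None, rejected flag)."""
    refs = referenced_globals(data)
    try:
        return refs, safe_loads(data), False
    except pickle.UnpicklingError:
        return refs, None, True


def sample_benign_stream(protocol: int = 2) -> bytes:
    # Constructed sample input: the object the application expects.
    return pickle.dumps(Record("cpu", 42), protocol=protocol)


def sample_disallowed_stream() -> bytes:
    # Constructed sample input: a harmless stdlib type that is nevertheless outside
    # the allowlist; the gate must refuse it exactly as it would any other type.
    return pickle.dumps(collections.OrderedDict(a=1), protocol=2)


if __name__ == "__main__":
    for label, stream in (("benign", sample_benign_stream()),
                          ("disallowed", sample_disallowed_stream())):
        refs, obj, rejected = screen_and_load(stream)
        print(f"{label}: references {refs}; rejected={rejected}; "
              f"object={vars(obj) if obj else None}")
```

The static scan answers "what types does this stream ask me to specify?" before anything runs and is useful for triage and detection (log the referenced globals of rejected streams), but the control is the `find_class` gate: it is the one call the deserializer makes for every named type, so an allowlist there is the smallest gadget pool the application can hand out. Note that protocols 0 and 1 also reference `copyreg._reconstructor` for ordinary objects, so an allowlist for such streams would need that entry too.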

Notes taken from AppSecUSA 2016 (Arshan Dabirsiaghi)

Author: McPeters Joseph

Joseph McPeters is a Security Researcher. He specializes in network and web application penetration testing. Contact:
