DeserLab
Java deserialization exploitation lab.
Install / Use
/learn @NickstaDB/DeserLabREADME
DeserLab
Java deserialization exploitation lab.
Simple Java client and server application that implements a custom network protocol using the Java serialization format to demonstrate Java deserialization vulnerabilities.
Download v1.0 built and ready to run from here: https://github.com/NickstaDB/DeserLab/releases/download/v1.0/DeserLab-v1.0.zip
Usage
First launch the server-side component as follows:
$ java -jar DeserLab.jar -server <listen-address> <listen-port>
Next, use the client to interact with the server component as follows:
$ java -jar DeserLab.jar -client <server-address> <server-port>
Now pop some calcs ;)
Note: If you build DeserLab.jar yourself then you will need to make sure there is a library containing useful POP gadgets available on the CLASSPATH e.g.:
$ java -cp <gadgetlib> -jar DeserLab.jar -server <listen-address> <listen-port>
Related Skills
node-connect
341.2kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
84.5kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
341.2kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
commit-push-pr
84.5kCommit, push, and open a PR
