Serialize Badge

3280 Completed
11 Videos
5 Exercises

Serialization is currently one of the hot topics in web security. This badge covers the exploitation of serialization vulnerabilities in multiple languages.

Exercises

Medium
XMLDecoder
  • This exercise covers the exploitation of an application using XMLDecoder
  • 1 video
  • Completed by 5366 students
  • Takes < 1 Hr. on average
  • Java

Medium
CVE-2016-0792
  • This exercise covers the exploitation of an XStream vulnerability in Jenkins
  • 1 video
  • Completed by 4786 students
  • Takes < 1 Hr. on average
  • Java/Tomcat
  • CWE-20

Medium
ObjectInputStream
  • This exercise covers the exploitation of a call to readObject in a Spring application
  • 1 video
  • Completed by 4294 students
  • Takes < 1 Hr. on average
  • Java

Medium
CVE-2013-0156: Rails Object Injection
  • This exercise covers the exploitation of a code execution vulnerability in Ruby on Rails using XML and YAML.
  • 2 videos
  • Completed by 3990 students
  • Takes < 1 Hr. on average
  • Rails
  • CWE-20

Hard
API to Shell
  • This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.
  • 6 videos
  • Completed by 3463 students
  • Takes 2-4 Hrs. on average
  • PHP/Apache/MySQL
  • API
  • CWE-502, CWE-310