Java Serialize 06

Bookmarked!

This exercise is one of our challenges to help you learn Java Serialisation exploitation

PRO Hard 2-4 Hrs. 51 Java Deserialization Badge

Course

This exercise covers the exploitation of a serialization issue in Java, focusing on building your own gadgets without relying on ysoserial. You will learn to leverage a java.lang.reflect.Proxy and java.lang.reflect.InvocationHandler to gain code execution.

Skills covered

Injection

Included with PRO

Full course content Common mistakes

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account