drsh0's llog

Serialize

General writeup notes for Pentesterlab's Serialize badge. This post does not contain any spoilers. This is just information collected by me to understand the exercises better.

TODOXMLDecoderCVE-2016-0792 – ObjectInputStream – CVE-2013-0156: Rails Object Injection – API to Shell

#web #pentesterlab #Serialize

Read more...