Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Custom Java Deserialization Exploit - Serial Snyker

John Hammond via YouTube

Start learning Write review
Datacamp Ad

Power BI Fundamentals - Create visualizations and dashboards from scratch

Learn More → OpenLearning Ad

Future-Proof Your Career: AI Manager Masterclass

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a comprehensive tutorial on exploiting Java deserialization vulnerabilities in the "Serial Snyker" challenge from Snyk Fetch the Flag. Learn to analyze source code, use Snyk for vulnerability detection, create custom exploits, achieve remote code execution, and build reverse shell scripts. Gain insights into Docker instance specifications, website probing techniques, and packaging exploits for successful attacks. Conclude with final thoughts on the challenge and its implications for Java application security.

Syllabus

- Serial Snyker
- Challenge Explaination
- Challenge Start
- Docker Instance Specs
- Source Code Exploration
- Begin Poking at Website
- Using Snyk
- Searching for insecure deserialization vulnerabilities
- Creating an exploit
- Packaging
- Remote Code Execution!
- Building reverse shell script
- Final thoughts
- Thank You, Snyk

Taught by

John Hammond

Reviews

Start your review of Custom Java Deserialization Exploit - Serial Snyker

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.