Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a Black Hat conference talk that delves into exploiting a JSON deserialization vulnerability in Fastjson, a popular open-source JSON parser. Learn how the speakers bypassed security checks and mitigations by leveraging inheritance processes of basic classes to achieve remote code execution. Discover the step-by-step process, from introduction and demo to visualizing the serialized process, autotype support and bypass, magic method derivation, JSONpath, GenTron, and ReadWriteLevelDB. Gain insights into post-penetration techniques and understand the potential impact on blockchain security and financial transactions.