ACEDcup | Payload generator for Java Binary Deserialization attack

by GrrrDog Java Version: v1.0.3 License: No License

X-Ray Key Features Code Snippets(1)Community Discussions Vulnerabilities Install Support

kandi X-RAY | ACEDcup Summary

ACEDcup is a Java library. ACEDcup has no bugs, it has no vulnerabilities and it has low support. However ACEDcup build file is not available. You can download it from GitHub.

ACEDcup tool is a payload generator for Java Binary Deserialization attack (ACED). For Apache Commons FileUpload ver <= 1.3 (CVE-2013-2186) and Oracle JDK ver < 7u40. The attack works even for newer versions of the lib or Java. We can upload any content in any directory, but we cannot control a file name (smth like upload_f71d3547_72ed_4ae1_90fe_0d319115cd42_00000000.tmp) in this situation. Hovewer, it may be useful in some cases. Also we can perform a NTLM-relay/sniffing attack (using \\evilhost\any\path) if your target is on Windows OS.

Support

Quality

Security

License

Reuse

Support

ACEDcup has a low active ecosystem.

It has 36 star(s) with 14 fork(s). There are 1 watchers for this library.

It had no major release in the last 12 months.

ACEDcup has no issues reported. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of ACEDcup is v1.0.3

Quality

ACEDcup has 0 bugs and 0 code smells.

Security

ACEDcup has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

ACEDcup code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

ACEDcup does not have a standard license declared.

Check the repository for any license declaration and review the terms closely.

Without a license, all rights are reserved, and you cannot use the library in your applications.

Reuse

ACEDcup releases are available to install and integrate.

ACEDcup has no build file. You will be need to create the build yourself to build the component from source.

Installation instructions are not available. Examples and code snippets are available.

ACEDcup saves you 51 person hours of effort in developing the same functionality from scratch.

It has 136 lines of code, 4 functions and 3 files.

It has low code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi has reviewed ACEDcup and discovered the below as its top functions. This is intended to give you an instant insight into ACEDcup implemented functionality, and help decide if they suit your requirements.

The main usage of this class
Create file
Serialize the item to a file

Get all kandi verified functions for this library.

ACEDcup Key Features

No Key Features are available at this moment for ACEDcup.

ACEDcup Examples and Code Snippets

ACEDcup,Usage

Java

Lines of Code : 13

License : No License

Copy

  1)At first, we create a serialized payload:
  java -jar aced_cup.jar /path/payload /path/target /path/out 1
  
  /path/payload - a path to a file with your payload
  /path/target - a path to a file that will be created in your victim (this will be

Community Discussions

No Community Discussions are available at this moment for ACEDcup.Refer to stack overflow page for discussions.

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install ACEDcup

You can download it from GitHub.
You can use ACEDcup like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the ACEDcup component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: