Java

Ysoserial Payload Building

Serialize/Deserialize Java Example

Binary

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;


public class POC implements Serializable {
	private String data;
	
	public POC(String testData) {
		data = testData;
	}
	
	public String getData() {
		return data;
	}


  public static void Serialize() {
    try {
        // Object Creation
        POC poctest = new POC("a");
        // Creating output stream and writing the serialized object
        FileOutputStream outfile = new FileOutputStream("serialized.object");
        ObjectOutputStream outstream = new ObjectOutputStream(outfile);
        outstream.writeObject(poctest);
        outstream.flush();
        // closing the stream
        outstream.close();
        System.out.println("Serialized object saved to serialized.object");
    } catch (Exception e) {
        System.out.println(e);
    }}
    
  public static void Deserialize() {
    try{
        ObjectInputStream in = new ObjectInputStream(new FileInputStream("serialized.object"));
        POC poctest = (POC)in.readObject();
        // Printing the data of the serialized object
        System.out.println("Object's data: " + poctest.data);
        // Closing the stream
        in.close();
    }catch(Exception e){
            System.out.println(e);
            }
    }

  public static void main(String args[]) {
        POC.Serialize();
        // POC.Deserialize();
    }

}

XML

Serialize Java Object to XML - XMLEncoder and XMLDecoder Example - HowToDoInJavaHowToDoInJava

PreviousPHP NextYsoserial

Last updated 3 years ago