Since I haven’t seen any forum post nor discord server messages mentioning this Module, I’m opening one.
I’m pretty stuck at trying to get the right payload to entry point right. I think I got the entry point, was able to craft a script that would generate the sha validation hash, but can’t seem to get the right way to exploit it.
Also, the XML section got me hanged on the modifications needed to the XML for it to work, so I’m pretty hanged in both.
Hi, could anybody help me with Skill Assessment in Advanced Deserialization Attacks? I’ve got *.DevToken and try to use gadget for J*.Net. Am I on right way? I cant use Ob*Provider as it is forbidden, it seems. Another gadgets from yoserial-c# didn’t help me
Hi,
Any nudge on how to bypass the filter to execute command on advanced deserialization attack SA? I’ve got the token, and tried others gadgets, but without success.
Got it! For those who may be stuck in the future, the gadget is right, try other techniques that you can use to bypass filters.