Skip to content

blazeinfosec/CVE-2017-10366_peoplesoft

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

CVE-2017-10366_peoplesoft.py

CVE-2017-10366_peoplesoft.py

 
 

README.md

README.md

 
 

Repository files navigation

CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit

This script automates the exploitation of a Java deserialization vulnerability in Oracle PeopleSoft, originally discovered by Vahagn Vardanyan.

This exploit requires ysoserial.jar to generate cross-platform serialized Java payloads. ysoserial must be in the same directory as this script.

PS: It uses ysoserial-modified.jar, which can be found in https://github.com/pimps/ysoserial-modified/

Copyright 2016-2018, Blaze Information Security

About

CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit

Resources

Readme
Activity
Custom properties

Stars

26 stars

Watchers

4 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages