how to use this good tool?

Question

how to use this good tool?

gayhub-blackerie opened this issue 8 years ago · 2 comments

I am a newbie to learn web security.Fortunately，I meet this tool，but it is very difficult to some people like me.Can anyone write a note about how to use it?By the way, how to understand this :
Usage: java -jar ysoserial-[version]-all.jar [payload type] '[command to execute]'
My way：java -jar ysoserial.jar

Answer 1 · 2017-09-12T03:01:47.000Z

For these exploits you don't use the ysoserial.jar by itself.

Most of the time you don't need to specify the ysoserial path as it will look in the current directory.

On most of these you just need to supply the IP and port of the target and then the command you want to run.

each of these .py scripts have slightly different syntax so it depends which one you want to run.

Which service are you going after? (Jenkins/weblogic/etc?)

Answer 2 · 2018-05-22T17:20:21.000Z

Closing since this seems to be a stale issue