YoVDO

Custom Java Deserialization Exploit - Serial Snyker

Offered By: John Hammond via YouTube

Tags

Ethical Hacking Courses Cybersecurity Courses Docker Courses Exploit Development Courses Snyk Courses Remote Code Execution Courses

Course Description

Overview

Explore a comprehensive tutorial on exploiting Java deserialization vulnerabilities in the "Serial Snyker" challenge from Snyk Fetch the Flag. Learn to analyze source code, use Snyk for vulnerability detection, create custom exploits, achieve remote code execution, and build reverse shell scripts. Gain insights into Docker instance specifications, website probing techniques, and packaging exploits for successful attacks. Conclude with final thoughts on the challenge and its implications for Java application security.

Syllabus

- Serial Snyker
- Challenge Explaination
- Challenge Start
- Docker Instance Specs
- Source Code Exploration
- Begin Poking at Website
- Using Snyk
- Searching for insecure deserialization vulnerabilities
- Creating an exploit
- Packaging
- Remote Code Execution!
- Building reverse shell script
- Final thoughts
- Thank You, Snyk


Taught by

John Hammond

Related Courses

Ethical Hacking with JavaScript
LinkedIn Learning Foundational JavaScript Security
LinkedIn Learning Using Snyk to Find & Fix Vulnerabilities
John Hammond via YouTube Snyk Integrations
Snyk via YouTube Integrations 101
Snyk via YouTube