JYso – A Comprehensive Guide To Advanced JNDI And Serialization Exploits

JYso is a tool that can be used as both ysoserial and JNDIExploit. It also has bypass functions of multiple JNDI high versions, WAF, and RASP.

Getting Started Guide

Please be sure to take a moment to read this document, which will help you quickly become familiar with JYso!

Use documentation Wiki.

Download the latest version of Releases.

Features

• JNDI account activation
• JNDI routing hidden or encrypted
• JNDI high version Bypass
• 12 available echo classes
• 18 available memshell classes, and supports modifying the memshell path, password, authentication HTTP header and value
• 76 available Gadgets and provide multiple ways to use them
• Memory horse supports No file landing Agent entry
• write the memshell to JRE or environment variable to hide
• Serialized data plus dirty data
• Serialized data is encoded in UTF-8 corresponding to 3 bytes
• Secondary deserialization of SignedObject, which can be used to bypass TemplatesImpl blacklist, CC countless groups and blacklists that often appear in CTF, etc.
• To solve the problem that the Shiro Header header is too long, obtain the value of the specified parameter from the request for class loading.
• Dynamically generate obfuscated class names
• MSF/CS online
• Code execution via JDBC

If you have any other great ideas be sure to let me know!

Compile

Download gradle8.7+ and configure it in the global environment variable, execute it in the project root directory

./gradlew shadowJar

Directory Structure

For more information, see Directory Structure Description.

Follow-Up Plan

• Continuous optimization and improvement of each module
• Add more Bypass functions
• Optimize the traversal effect through machine learning and graph theory

Contribute

We warmly welcome all of you to work together to improve this project!

404StarLink 2.0 – Galaxy

JYso is a part of 404Team 404StarLink 2.0. If you have questions about JYso or want to find a partner to communicate, you can refer to the Starlink group project.

Disclaimer

This tool can only be used in the security construction of enterprises that have obtained sufficient legal authorization.

When using this tool, you should ensure that all your actions comply with local laws and regulations.

If you commit any illegal behavior while using this tool, you will bear all the consequences yourself. All developers and contributors of this tool do not assume any legal and joint liability.

Please do not install and use this tool unless you have fully read, fully understood and accepted all the terms of this agreement.

Your usage behavior or your acceptance of this Agreement in any other express or implicit manner shall be deemed to have read and agreed to be bound by this Agreement.