{"id":15036558,"url":"https://github.com/qi4l/jyso","last_synced_at":"2025-05-14T17:10:13.341Z","repository":{"id":41554653,"uuid":"510191474","full_name":"qi4L/JYso","owner":"qi4L","description":" JNDIExploit or a ysoserial.","archived":false,"fork":false,"pushed_at":"2025-05-13T07:09:10.000Z","size":107196,"stargazers_count":1597,"open_issues_count":0,"forks_count":184,"subscribers_count":58,"default_branch":"main","last_synced_at":"2025-05-14T17:09:30.758Z","etag":null,"topics":["attack","gadget","java","jndi","jndi-injection","ldap","mem-shell","middleware-echo","rmi","web-security","ysoserial"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/qi4L.png","metadata":{"files":{"readme":"README.en.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-07-04T02:52:14.000Z","updated_at":"2025-05-13T08:12:35.000Z","dependencies_parsed_at":"2023-02-08T18:16:38.963Z","dependency_job_id":"b1bd6697-d33e-4240-8663-3671b905dd9f","html_url":"https://github.com/qi4L/JYso","commit_stats":null,"previous_names":["qi4l/jyso"],"tags_count":53,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qi4L%2FJYso","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qi4L%2FJYso/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qi4L%2FJYso/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qi4L%2FJYso/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/qi4L","download_url":"https://codeload.github.com/qi4L/JYso/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254190394,"owners_count":22029632,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack","gadget","java","jndi","jndi-injection","ldap","mem-shell","middleware-echo","rmi","web-security","ysoserial"],"created_at":"2024-09-24T20:31:33.255Z","updated_at":"2025-05-14T17:10:13.336Z","avatar_url":"https://github.com/qi4L.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/img/logo.png\" width=\"120\"\u003e\n\u003c/p\u003e\n\u003ch1 align=\"center\"\u003e JYso \u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://img.shields.io/badge/JDK-1.8+-orange\" /\u003e\n\u003cimg src=\"https://img.shields.io/badge/gradle-8.7-blue\" /\u003e\n\u003cimg src=\"https://img.shields.io/badge/SDL-Groovy-green\" /\u003e\n\n\u003cp align=\"center\"\u003e It can be used as a tool for ysoserial and JNDIExploit at the same time, and has the bypass function of multiple JNDI high versions, WAF, and RASP \u003c/p\u003e\n\n## 🚀 Getting Started Guide\n\n📢 Please take a moment to read this document, it will help you quickly get familiar with JYso!\n\n🧐 Use the Documentation [Wiki](https://github.com/qi4L/JYso/wiki).\n\n✔ Download the latest version of [Releases](https://github.com/qi4L/JYso/releases).\n\n## 👍 Features\n\n+ JNDI account password startup\n+ JNDI route hiding or encryption\n+ JNDI high version Bypass\n+ Customize the path, password, HTTP header and value of the memory horse\n+ Memory horse supports [Fileless landing Agent insertion](https://xz.aliyun.com/t/10075?time__1311=mq%2BxBD9QDQe4yDBkPoN%2BuDAO%3DnB5x\u0026alichlgref=https%3A%2F%2Fxz.aliyun.com%2Fsearch%3Fkeyword%3Drebeyond)\n+ Memory horse writes JRE or environment variables to hide\n+ Serialized data plus dirty data\n+ [Serialized data is encoded in UTF-8 corresponding to 3 bytes](https://whoopsunix.com/docs/PPPYSO/advance/UTFMIX/)\n+ TemplatesImpl _bytecodes feature eliminated and size reduced\n+ SignedObject secondary deserialization, can be used to bypass TemplatesImpl blacklist, CC without array and blacklist often seen in CTF, etc.\n+ Solve the problem of Shiro Header being too long, get the value of the specified parameter from the request for class loading\n+ Dynamically generate obfuscated class names\n+ MSF/CS online\n+ Code execution through JDBC\n\nIf you have other great ideas, please let me know! 😎\n\n## 🐯 Compile\n\nDownload gradle8.7+ and configure it in the global environment variable, and execute it in the project root directory\n\n```shell\n./gradlew shadowJar\n```\n\n## 🌲Directory structure\n\nFor more information, please refer to [Directory structure description](docs/directory_structure.md).\n\n## ✨ CTStack\n\n\u003cimg src=\"https://ctstack-oss.oss-cn-beijing.aliyuncs.com/CT%20Stack-2.png\" width=\"30%\" /\u003e\n\nJYso has joined the [CTStack](https://stack.chaitin.com/tool/detail/1303) community\n\n## ✨ 404Starlink\n\n\u003cimg src=\"https://raw.githubusercontent.com/knownsec/404StarLink-Project/master/logo.png\" alt=\"404StarLink Project Logo\" width=\"30%\" loading=\"lazy\"\u003e\n\nJYso has joined [404Starlink](https://github.com/knownsec/404StarLink)\n\n1. [入选2024年KCon兵器谱](https://kcon.knownsec.com/index.php?s=bqp\u0026c=category\u0026id=3)\n\n## 📷 Acknowledgements\n\n- https://github.com/veracode-research/rogue-jndi\n- https://github.com/welk1n/JNDI-Injection-Exploit\n- https://github.com/welk1n/JNDI-Injection-Bypass\n- https://github.com/WhiteHSBG/JNDIExploit\n- https://github.com/su18/ysoserial\n- https://github.com/rebeyond/Behinder\n- https://github.com/Whoopsunix/utf-8-overlong-encoding\n- https://github.com/mbechler/marshalsec\n- https://t.zsxq.com/17LkqCzk8\n- https://mp.weixin.qq.com/s/fcuKNfLXiFxWrIYQPq7OCg\n- https://xz.aliyun.com/t/11640?time__1311=mqmx0DBDuDnQ340vo4%2BxCwg%3DQai%3DYzaq4D\u0026alichlgref=https%3A%2F%2Fxz.aliyun.com%2Fu%2F8697\n- https://archive.conference.hitb.org/hitbsecconf2021sin/sessions/make-jdbc-attacks-brilliant-again/\n- https://tttang.com/archive/1405/#toc_0x03-jdbc-rce\n- https://xz.aliyun.com/t/10656?time__1311=mq%2BxBDy7G%3DLOD%2FD0DoYg0%3DDR0HG8KeD\u0026alichlgref=https%3A%2F%2Ftttang.com%2F#toc-7\n- https://whoopsunix.com/docs/PPPYSO/advance/UTFMIX/\n- https://tttang.com/archive/1405/#toc_groovyclassloader\n- https://xz.aliyun.com/t/10656?time__1311=mq%2BxBDy7G%3DLOD%2FD0DoY4AKqiKD%3DOQjqx\u0026alichlgref=https%3A%2F%2Ftttang.com%2F\n- https://www.leavesongs.com/PENETRATION/use-tls-proxy-to-exploit-ldaps.html\n- https://tttang.com/archive/1405/#toc_druid\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqi4l%2Fjyso","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqi4l%2Fjyso","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqi4l%2Fjyso/lists"}