SKILL: Insecure Deserialization — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert deserialization techniques across Java, PHP, and Python. Covers gadget chain selection, traffic fingerprinting, tool usage (ysoserial, PHPGGC), Shiro/WebLogic/Commons Collections specifics, Phar deserialization, and Python pickle abuse. Base models often miss the distinction between finding the sink and finding a usable gadget chain.

0. RELATED ROUTING

• jndi-injection when deserialization leads to JNDI lookup (e.g., post-JDK 8u191 bypass via LDAP → deserialization)
• unauthorized-access-common-services when the deserialization endpoint is an exposed management service (RMI Registry, T3, AJP)
• ghost-bits-cast-attack when a WAF blocks your BCEL ClassLoader or Fastjson @type payload — Ghost Bits wraps each bytecode byte in a Unicode char whose low 8 bits match, yielding a payload the WAF cannot fingerprint

Advanced Reference

Also load JAVA_GADGET_CHAINS.md when you need:

• Java gadget chain version compatibility matrix (CommonsCollections 1–7, CommonsBeanutils, Spring, JDK-only, Groovy, Hibernate, ROME, C3P0, etc.)
• SnakeYAML gadget (ScriptEngineManager/URLClassLoader) with exploit JAR structure
• Hessian/Kryo/Avro/XStream deserialization patterns and traffic fingerprints
• .NET ViewState deserialization (machineKey requirement, ViewState forgery with ysoserial.net, Blacklist3r)
• Ruby YAML.load vs YAML.safe_load exploitation with version-specific chains
• Detection fingerprints: magic bytes table by format (Java AC ED, .NET AAEAAD, Python pickle 80 0N, PHP O:, Ruby 04 08)