falconkei / snakeyaml_cve_poc

SnakeYAML-CVE-2022-1471-POC

build

Either build the jar on your host with mvn clean compile assembly:single

Or use docker to build an image with docker build -t snakeyaml .

run

Run the container with docker run --rm -p8080:8080 snakeyaml

or the jar if you built on your host with java -jar target/snakeyaml-1.0-SNAPSHOT-jar-with-dependencies.jar

use

Send a GET request to serialize an object of the student class and receive YAML as the response

Send a POST request with YAML to have it read as a custom Java object (deserialization)

exploit

Execute python3 -m http.server 8000 to run the HTTP server

Send a POST request with YAML containing the exploit

You should observe an HTTP GET request on the listener
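
Added example, not part of this repository: one way to read the POST body without the arbitrary type instantiation behind CVE-2022-1471 is to load it with SafeConstructor and map the fields by hand. It assumes SnakeYAML 2.x on the classpath; the Student class and its name/age fields are hypothetical stand-ins for the PoC's student class.

```java
import java.util.Map;
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.yaml.snakeyaml.error.YAMLException;

public class SafeYamlDemo {
    // Hypothetical stand-in for the PoC's student class; field names are assumed.
    static final class Student {
        final String name;
        final int age;
        Student(String name, int age) { this.name = name; this.age = age; }
    }

    static Student parseStudent(String body) {
        // SafeConstructor only builds standard YAML types (maps, lists, scalars).
        // Any tag that names a Java class is rejected instead of instantiated.
        Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()));
        Object root = yaml.load(body);
        if (!(root instanceof Map)) {
            throw new IllegalArgumentException("expected a YAML mapping");
        }
        Map<?, ?> fields = (Map<?, ?>) root;
        Object name = fields.get("name");
        Object age = fields.get("age");
        // Validate types explicitly before building the domain object.
        if (!(name instanceof String) || !(age instanceof Integer)) {
            throw new IllegalArgumentException("name must be a string, age an integer");
        }
        return new Student((String) name, (Integer) age);
    }

    public static void main(String[] args) {
        // Constructed sample input: a plain mapping is accepted.
        Student s = parseStudent("name: Alice\nage: 20\n");
        System.out.println("accepted: " + s.name + ", " + s.age);

        // Constructed sample input: a global tag naming a harmless JDK class.
        // The loader refuses it because no class-name tag is ever resolved.
        try {
            parseStudent("!!java.lang.StringBuilder [\"x\"]\n");
            System.out.println("unexpected: tagged document was accepted");
        } catch (YAMLException e) {
            System.out.println("rejected: " + e.getClass().getSimpleName());
        }
    }
}
```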
