Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https://www.checkmarx.com/blog/apache-dubbo-unauthenticated-remote-code-execution-vulnerability
CVE-2019-17564 FastJson + SpringFramework Gadget for Dubbo 273
Our full write-up is available at wwwcheckmarxcom/blog/apache-dubbo-unauthenticated-remote-code-execution-vulnerability
Note that this is not an exploit; it is a POC gadget chain used in an exploit used to demonstrate deserialization in scopes containing certain dependencies
Overview
Basic code for crea