· 7 years ago · Feb 12, 2018, 10:14 AM
1
2STREAM_MAGIC - 0xac ed
3STREAM_VERSION - 0x00 05
4Contents
5 TC_OBJECT - 0x73
6 TC_CLASSDESC - 0x72
7 className
8 Length - 40 - 0x00 28
9 Value - fi.exploitable.webapp.entity.LoginCookie - 0x66692e6578706c6f697461626c652e7765626170702e656e746974792e4c6f67696e436f6f6b6965
10 serialVersionUID - 0x00 00 00 00 00 00 02 9a
11 newHandle 0x00 7e 00 00
12 classDescFlags - 0x02 - SC_SERIALIZABLE
13 fieldCount - 5 - 0x00 05
14 Fields
15 0:
16 Boolea - Z - 0x5a
17 fieldName
18 Length - 7 - 0x00 07
19 Value - isAdmin - 0x697341646d696e
20 1:
21 Object - L - 0x4c
22 fieldName
23 Length - 3 - 0x00 03
24 Value - bag - 0x626167
25 className1
26 TC_STRING - 0x74
27 newHandle 0x00 7e 00 01
28 Length - 36 - 0x00 24
29 Value - Lorg/apache/commons/collections/Bag; - 0x4c6f72672f6170616368652f636f6d6d6f6e732f636f6c6c656374696f6e732f4261673b
30 2:
31 Object - L - 0x4c
32 fieldName
33 Length - 2 - 0x00 02
34 Value - id - 0x6964
35 className1
36 TC_STRING - 0x74
37 newHandle 0x00 7e 00 02
38 Length - 16 - 0x00 10
39 Value - Ljava/util/UUID; - 0x4c6a6176612f7574696c2f555549443b
40 3:
41 Object - L - 0x4c
42 fieldName
43 Length - 9 - 0x00 09
44 Value - secretKey - 0x7365637265744b6579
45 className1
46 TC_STRING - 0x74
47 newHandle 0x00 7e 00 03
48 Length - 18 - 0x00 12
49 Value - Ljava/lang/String; - 0x4c6a6176612f6c616e672f537472696e673b
50 4:
51 Object - L - 0x4c
52 fieldName
53 Length - 8 - 0x00 08
54 Value - userName - 0x757365724e616d65
55 className1
56 TC_REFERENCE - 0x71
57 Handle - 8257539 - 0x00 7e 00 03
58 classAnnotations
59 TC_ENDBLOCKDATA - 0x78
60 superClassDesc
61 TC_NULL - 0x70
62 newHandle 0x00 7e 00 04
63 classdata
64 fi.exploitable.webapp.entity.LoginCookie
65 values
66 isAdmin
67 (boolean)false - 0x00
68 bag
69 (object)
70 TC_OBJECT - 0x73
71 TC_CLASSDESC - 0x72
72 className
73 Length - 42 - 0x00 2a
74 Value - org.apache.commons.collections.bag.HashBag - 0x6f72672e6170616368652e636f6d6d6f6e732e636f6c6c656374696f6e732e6261672e48617368426167
75 serialVersionUID - 0xa4 f2 3c 45 fe a8 11 63
76 newHandle 0x00 7e 00 05
77 classDescFlags - 0x03 - SC_WRITE_METHOD | SC_SERIALIZABLE
78 fieldCount - 0 - 0x00 00
79 classAnnotations
80 TC_ENDBLOCKDATA - 0x78
81 superClassDesc
82 TC_NULL - 0x70
83 newHandle 0x00 7e 00 06
84 classdata
85 org.apache.commons.collections.bag.HashBag
86 values
87 objectAnnotation
88 TC_BLOCKDATA - 0x77
89 Length - 4 - 0x04
90 Contents - 0x00000002
91 TC_STRING - 0x74
92 newHandle 0x00 7e 00 07
93 Length - 4 - 0x00 04
94 Value - user - 0x75736572
95 TC_BLOCKDATA - 0x77
96 Length - 4 - 0x04
97 Contents - 0x00000001
98 TC_STRING - 0x74
99 newHandle 0x00 7e 00 08
100 Length - 7 - 0x00 07
101 Value - user123 - 0x75736572313233
102 TC_BLOCKDATA - 0x77
103 Length - 4 - 0x04
104 Contents - 0x00000001
105 TC_ENDBLOCKDATA - 0x78
106 id
107 (object)
108 TC_OBJECT - 0x73
109 TC_CLASSDESC - 0x72
110 className
111 Length - 14 - 0x00 0e
112 Value - java.util.UUID - 0x6a6176612e7574696c2e55554944
113 serialVersionUID - 0xbc 99 03 f7 98 6d 85 2f
114 newHandle 0x00 7e 00 09
115 classDescFlags - 0x02 - SC_SERIALIZABLE
116 fieldCount - 2 - 0x00 02
117 Fields
118 0:
119 Long - L - 0x4a
120 fieldName
121 Length - 12 - 0x00 0c
122 Value - leastSigBits - 0x6c6561737453696742697473
123 1:
124 Long - L - 0x4a
125 fieldName
126 Length - 11 - 0x00 0b
127 Value - mostSigBits - 0x6d6f737453696742697473
128 classAnnotations
129 TC_ENDBLOCKDATA - 0x78
130 superClassDesc
131 TC_NULL - 0x70
132 newHandle 0x00 7e 00 0a
133 classdata
134 java.util.UUID
135 values
136 leastSigBits
137 (long)-4658081423 - 0x9b cf c0 86 ea 5b 51 71
138 mostSigBits
139 (long)280376818027209 - 0x47 51 c4 76 50 a4 4a c9
140 secretKey
141 (object)
142 TC_REFERENCE - 0x71
143 Handle - 8257544 - 0x00 7e 00 08
144 userName
145 (object)
146 TC_REFERENCE - 0x71
147 Handle - 8257543 - 0x00 7e 00 07