HealthChk

Medium | Web Security

Overview

You've been handed access to a simple health check service: submit your database connection details, get a status back. Clean. Functional. Boring, even.

But somewhere beneath that mundane interface, the application is doing something far more interesting with your input than it lets on. The developers anticipated attackers. They built a filter. They felt protected.

Look closer at what the application is built on, and how old it is. Look closer at what happens to your data before it ever reaches the business logic. The protection in place guards against the obvious, but the obvious isn't your only path in.

Your goal is a shell. The flag is waiting.

Flag format: flag{}

Lab Details

Prerequisites & Requirements

  • Basic understanding of Java serialization/deserialization vulnerabilities
  • Familiarity with reverse shell mechanisms
  • Knowledge of JVM-based application security
  • Ability to analyze Java bytecode and runtime behavior
  • Local testing environment with Java 8+ JDK

What will you learn?

  • Crafting custom Java reverse shell payloads
  • Exploiting SnakeYAML

Tools

  • nc (Netcat for listener)
  • javac (Java Compiler)
  • jar (Java Archive Tool)
  • jd-gui (Java Decompiler)
  • Burp Suite (HTTP interception)

Job Positions

Penetration Tester

Tags

Insecure Deserialization, RCE, URL Encoding, Source Code Review, Input Validation