From 7cf513ea320e990db0d5f92acc0add3c48ec2b52 Mon Sep 17 00:00:00 2001 From: phith0n Date: Sat, 19 Mar 2022 05:11:15 +0800 Subject: [PATCH 1/4] support parser JDK8u20 payload by adding --jdk8u20 flag --- main.go | 14 +++++++++++++- serz/parser.go | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/main.go b/main.go index c14c9f0..ee64160 100644 --- a/main.go +++ b/main.go @@ -61,6 +61,13 @@ func main() { Required: false, Value: false, }, + &cli.BoolFlag{ + Name: "jdk8u20", + Usage: "This payload is a JDK8u20 payload generated by " + + "", + Required: false, + Value: false, + }, }, Action: func(context *cli.Context) error { var filename = context.String("file") @@ -81,7 +88,12 @@ func main() { return err } - obj, err := serz.FromBytes(data) + var obj *serz.Serialization + if context.Bool("jdk8u20") { + obj, err = serz.FromJDK8u20Bytes(data) + } else { + obj, err = serz.FromBytes(data) + } if err != nil { log.Fatalln(err) return nil diff --git a/serz/parser.go b/serz/parser.go index 7645ef9..76726d6 100644 --- a/serz/parser.go +++ b/serz/parser.go @@ -51,6 +51,16 @@ func FromBytes(data []byte) (*Serialization, error) { return ser, nil } +func FromJDK8u20Bytes(data []byte) (*Serialization, error) { + data = bytes.Replace( + data, + []byte{0x00, 0x7e, 0x00, 0x09}, + []byte{0x00, 0x7e, 0x00, 0x09, JAVA_TC_ENDBLOCKDATA}, + 1, + ) + return FromBytes(data) +} + func (ois *Serialization) ToString() string { var b = commons.NewPrinter() b.Printf("@Magic - %s", commons.Hexify(ois.MagicNumber)) @@ -71,3 +81,13 @@ func (ois *Serialization) ToBytes() []byte { return bs } + +func (ois *Serialization) ToJDK8u20Bytes() []byte { + var data = ois.ToBytes() + return bytes.Replace( + data, + []byte{0x00, 0x7e, 0x00, 0x09, JAVA_TC_ENDBLOCKDATA}, + []byte{0x00, 0x7e, 0x00, 0x09}, + 1, + ) +} From 2d48873a74d2b1851811fe0a34a7a3fcfea48117 Mon Sep 17 00:00:00 2001 
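Review bot: The Usage text of the new `jdk8u20` flag is built as `"This payload is a JDK8u20 payload generated by " + ""`, so `--help` prints a sentence that stops at "generated by " — the second operand is an empty literal and reads like a dropped attribution. Either complete it or drop the concatenation, and say what the flag changes rather than only what the input is, e.g. `Usage: "Treat the input as a JDK8u20 gadget payload; the stream is patched before parsing because it is not a valid serialization stream on its own",`. The enclosing `main` starts and ends outside this hunk.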
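Review bot: `FromJDK8u20Bytes` patches the input at the first occurrence of the bare literal `{0x00, 0x7e, 0x00, 0x09}` without checking that it occurs at all, so a payload that lacks the sequence, or contains it earlier inside string or array data, is parsed unpatched or patched at the wrong offset and the caller sees a generic parse error instead of "not a JDK8u20 payload". Consider guarding the replacement with `if !bytes.Contains(data, jdk8u20Marker) { return nil, errors.New("jdk8u20 marker not found in stream") }` (assuming `errors` or `fmt` is already imported in parser.go) and hoisting the literal into a package-level `var jdk8u20Marker = []byte{0x00, 0x7e, 0x00, 0x09}` that the mirror `ToJDK8u20Bytes` in the second parser.go hunk also uses, since both hunks repeat the same bytes. Both exported functions also lack doc comments; a one-liner such as `// FromJDK8u20Bytes parses a pwntester JDK8u20 payload, which is not a valid serialization stream on its own: it inserts the TC_ENDBLOCKDATA marker the payload omits and then delegates to FromBytes.` (and the inverse wording on `ToJDK8u20Bytes`) would record why the byte surgery exists. The four bytes look like a back-reference handle (0x7e0009, i.e. baseWireHandle+9) — worth naming in that comment once confirmed against the payload.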
From: phith0n Date: Sat, 19 Mar 2022 05:11:59 +0800 Subject: [PATCH 2/4] turn on the JDK8u20 unittest --- serz/parser_test.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/serz/parser_test.go b/serz/parser_test.go index 150abc5..b321881 100644 --- a/serz/parser_test.go +++ b/serz/parser_test.go @@ -40,16 +40,13 @@ func TestYsoserial(t *testing.T) { } func TestJDK8u20(t *testing.T) { - // current skipped - t.SkipNow() - var filename = "../testcases/pwntester/JDK8u20.ser" data, err := ioutil.ReadFile(filename) require.Nil(t, err) - ser, err := FromBytes(data) + ser, err := FromJDK8u20Bytes(data) require.Nilf(t, err, "an error is occurred in file %v", filename) - require.Truef(t, bytes.Equal(data, ser.ToBytes()), "original serz data is different from generation data in file %v", filename) + require.Truef(t, bytes.Equal(data, ser.ToJDK8u20Bytes()), "original serz data is different from generation data in file %v", filename) } func TestMain(m *testing.M) { From f4170ff4163c3393bf37c9f1a42cb934923221e6 Mon Sep 17 00:00:00 2001 From: phith0n Date: Sat, 19 Mar 2022 05:29:11 +0800 Subject: [PATCH 3/4] added description for JDK8u20 payload on README --- README.md | 7 ++++--- serz/parser_test.go | 22 ++++++++++++++++------ 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 9a58926..02b32e0 100644 --- a/README.md +++ b/README.md 
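Review bot: The rewritten `TestJDK8u20` asserts only the round trip through `ToJDK8u20Bytes`, so nothing in the test states how the patched stream relates to the on-disk payload. A cheap extra assertion after the parse pins the size of the patch: `require.Len(t, ser.ToBytes(), len(data)+1, "expected exactly one byte to be inserted into %v", filename)`, which documents in the test that exactly one byte is added and removed and will flag it if `ToBytes` ever diverges further from the original payload.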
@@ -114,14 +114,15 @@ equal to the original one. | URLDNS | ysoserial | ✅ | ✅ | 21.502µs | | Vaadin1 | ysoserial | ✅ | ✅ | 438.729µs | | Wicket1 | ysoserial | ✅ | ✅ | 23.509µs | -| Jdk8u20 | pwntester | ❌ | ❌ | 312.882µs | +| JDK8u20* | pwntester | ✅ | ✅ | 529.3µs | -[JDK/JRE 8u20 gadget](https://github.com/pwntester/JRE8u20_RCE_Gadget) is not supported now, I am current working on it. +Notice: For parsing JDK8u20 payload, you should add `--jdk8u20` flag to `dump` command. +As the payload is not a valid serialized data stream, it's necessary to tell ZKar patches the data through this flag. ## 📝 TODO - [ ] Java bytecodes parser and generator -- [ ] JDK/JRE 8u20 Gadget supporting +- [x] JDK/JRE 8u20 Gadget supporting - [ ] Serialization payloads generator - [ ] An implementation of RMI/LDAP in Go diff --git a/serz/parser_test.go b/serz/parser_test.go index b321881..956ad74 100644 --- a/serz/parser_test.go +++ b/serz/parser_test.go @@ -74,22 +74,32 @@ func TestMain(m *testing.M) { fmt.Println("| Gadget | Package | Parsed | Rebuild | Parse Time |") fmt.Println("|--------|--------|--------|--------|--------|") for _, name := range files { + var isJDK8u20 = strings.Contains(name, "JDK8u20") data, err := ioutil.ReadFile(name) if err != nil { exitCode = exitCode | 1 goto cleanup } - parseFlag := "❌" - rebuildFlag := "❌" - start := time.Now() - serialization, err := FromBytes(data) - duration := time.Since(start) + var parseFlag = "❌" + var rebuildFlag = "❌" + var serialization *Serialization + var start = time.Now() + + if isJDK8u20 { + serialization, err = FromJDK8u20Bytes(data) + } else { + serialization, err = FromBytes(data) + } + + var duration = time.Since(start) if err == nil { parseFlag = "✅" - if bytes.Equal(serialization.ToBytes(), data) { + if isJDK8u20 && bytes.Equal(serialization.ToJDK8u20Bytes(), data) { + rebuildFlag = "✅" + } else if !isJDK8u20 && bytes.Equal(serialization.ToBytes(), data) { rebuildFlag = "✅" } } 
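Review bot: The rebuild check in the `parser_test.go` hunk is written as two `else if` branches that differ only in which serializer is called, and both assign the same `rebuildFlag = "✅"`; picking the rebuilt bytes first and comparing once reads more directly and keeps the JDK8u20 special case in one place, mirroring the `if isJDK8u20` already used for parsing above it. The `isJDK8u20` heuristic is keyed on the file name via `strings.Contains(name, "JDK8u20")`; a short comment there, `// Test cases named JDK8u20* need the patched parse/rebuild path.`, would make that convention explicit. `TestMain` starts and ends outside this hunk.
```go
if err == nil {
	parseFlag = "✅"
	var rebuilt = serialization.ToBytes()
	if isJDK8u20 {
		rebuilt = serialization.ToJDK8u20Bytes()
	}
	if bytes.Equal(rebuilt, data) {
		rebuildFlag = "✅"
	}
}
```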
From 51183c130c9591a0def8acb4bd7b97bc008d739e Mon Sep 17 00:00:00 2001 From: phith0n Date: Sat, 19 Mar 2022 05:42:40 +0800 Subject: [PATCH 4/4] fixed CI error in goconst checking --- serz/parser_test.go | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/serz/parser_test.go b/serz/parser_test.go index 956ad74..1039f6a 100644 --- a/serz/parser_test.go +++ b/serz/parser_test.go @@ -12,6 +12,9 @@ import ( "time" ) +const existsFlag = "✅" +const notExistsFlag = "❌" + func extractName(name string) string { name = filepath.Base(name) blocks := strings.Split(name, ".") @@ -81,8 +84,8 @@ func TestMain(m *testing.M) { goto cleanup } - var parseFlag = "❌" - var rebuildFlag = "❌" + var parseFlag = notExistsFlag + var rebuildFlag = notExistsFlag var serialization *Serialization var start = time.Now() @@ -95,12 +98,12 @@ func TestMain(m *testing.M) { var duration = time.Since(start) if err == nil { - parseFlag = "✅" + parseFlag = existsFlag if isJDK8u20 && bytes.Equal(serialization.ToJDK8u20Bytes(), data) { - rebuildFlag = "✅" + rebuildFlag = existsFlag } else if !isJDK8u20 && bytes.Equal(serialization.ToBytes(), data) { - rebuildFlag = "✅" + rebuildFlag = existsFlag } }
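Review bot: `existsFlag` and `notExistsFlag` name a pass/fail marker after "exists", which is not what the table columns report (whether parsing and rebuilding succeeded), so the names read oddly at their three uses in `TestMain` in the second and third hunks of this patch. A neutral pair in one grouped block, `const ( passMark = "✅"; failMark = "❌" )`, describes the columns, and a line comment `// Markers printed in the Parsed/Rebuild columns of the summary table.` ties them to the `fmt.Println` header that prints the table.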