JChainz: Automatic Detection of Deserialization Vulnerabilities for the Java Language.

In the last decade, we have seen the proliferation of code-reuse attacks that rely on deserialization of untrusted data in the context of web applications. The impact of these attacks is really important since they can be used for exposing private information of the users. In this paper, we design a tool for automatic discovery of deserialization vulnerabilities for the Java language. Our purpose is to devise an automatic methodology that use a set of program analysis techniques and is able to output a deserialization attack chain. We test our techniques against common Java libraries used in web technology. The execution of our tool on such a dataset was able to validate the attack chains for the majority of already known vulnerabilities, and it was also able to discover multiple novel chains that represent new types of attack vectors.