From d2d8bcbc3136d98e72d097496b11eb9dd3a2de45 Mon Sep 17 00:00:00 2001 From: Aaron Soto <35073726+asoto-r7@users.noreply.github.com> Date: Wed, 19 Dec 2018 11:23:52 -0600 Subject: [PATCH] Clean up formatting and wording in the final section --- Generating-`ysoserial`-Java-serialized-objects.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Generating-`ysoserial`-Java-serialized-objects.md b/Generating-`ysoserial`-Java-serialized-objects.md index b0a371f6f4..af78f3fcdc 100644 --- a/Generating-`ysoserial`-Java-serialized-objects.md +++ b/Generating-`ysoserial`-Java-serialized-objects.md @@ -38,9 +38,10 @@ The function takes two parameters, a template name and a command:
Click to expand + On occasion, Metasploit maintainers may want to re-run the script generation to incorporate new Java serialized objects from the ysoserial tool. -To avoid invoking Java (and all its dependencies), the serialized objects are generated based on a JSON file. The JSON file can be refreshed using a standalone Ruby script, which comes prepackaged with a Docker image that handles downloading `ysoserial`. For more information, refer to `tools/payloads/ysoserial`. An example run looks like: +To avoid invoking Java (and all its dependencies) at runtime, the serialized objects are generated and cached within a JSON file. The JSON file can be refreshed using a standalone Ruby script, which comes prepackaged with a Docker image that handles downloading `ysoserial` and necessary dependencies. The script, `Dockerimage` and a high-level `runme.sh` script is stored within `tools/payloads/ysoserial`. An example run looks like: ``` $ cd ~/git/r7/metasploit-framework/tools/payloads/ysoserial