THREATOPS
THREAT OPSThreat News › Hiding payloads in Java source code strings

Hiding payloads in Java source code strings

infoportswigger_researchPublished 2024-01-23

In this post we'll show you how Java handles unicode escapes in source code strings in a way you might find surprising - and how you can abuse them to conceal payloads. We recently released a powerful

Original source: https://portswigger.net/research/hiding-payloads-in-java-source-code-strings