/*
 * *
 * * @0xBADCA7 and github/0xBADCA7
 * * How to serialize Java objects. This is from TUCTF 2016.
 * *
 * * Just compile on the command line (IDE will taint serialization and place package identifiers):
 * *   javac Main.java && java Main && cat /tmp/serialized.bin
 * *
 * * */

import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

public class Main {

    static String SAVE_PATH = "/tmp/serialized.bin";

    public static void main(String[] args) throws Exception {
	    System.out.print("This tool generates serialized Java objects\r\n\r\n");

        // This is an example of a class
        OSFile f = null;
        f = new UnixFile();
        f.file = "flaG";
        // 

        ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(SAVE_PATH));
        oos.writeObject(f); // your object goes here instead of "f"
        oos.flush();

        System.out.print("Serialized to " + SAVE_PATH + "\r\n");
    }
}


// This belongs to the example only
class UnixFile extends OSFile
{
    public String getFileName()
    {
        //Unix filenames are case-sensitive, don't change
        return "flaG";
    }
}


// This belongs to the example only
abstract class OSFile implements Serializable
{
    String file = "";
    abstract String getFileName();
}