static void Main(string[] args) { var notAdminUsername = new StartProcess("calc.exe"); notAdminUsername.Start(); var json = UnsecureSerializer <StartProcess> .Serialize(notAdminUsername); var tamperedJson = json.Replace("calc.exe", "Virus.exe"); var adminUsername = UnsecureSerializer <StartProcess> .Deserialize(tamperedJson); adminUsername.Start(); }
static void Main(string[] args) { var notAdminUsername = new StartProcessBad("calc.exe"); Console.WriteLine(notAdminUsername.Cmd); var json = UnsecureSerializer <StartProcessBad> .Serialize(notAdminUsername); var tamperedJson = json.Replace("calc.exe", "Virus.exe"); var adminUsername = UnsecureSerializer <StartProcessBad> .Deserialize(tamperedJson); Console.WriteLine(adminUsername.Cmd); Console.ReadLine(); }