Ben Holland benjholla

## SystemProfiler.java
import java.awt.GraphicsDevice;
import java.awt.GraphicsEnvironment;
import java.io.File;
import java.lang.management.ManagementFactory;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Locale;
import java.util.TimeZone;

## ExceptionalLaunder.java

/**
 * A toy example of laundering data through the use of the program stack and exception control flow paths
 * The input data drives how two methods recursively call each other.  If the next input value is a 0 then
 * the _0 method is called, likewise a 1 calls the _1 method.  When there is no more data an Exception is thrown
 * with the following stack trace.  The Exception is caught and the stack trace is used to recover the data.
 *
 * java.lang.StringIndexOutOfBoundsException: String index out of range: 0
 *	at java.lang.String.charAt(String.java:658)
 *	at ExceptionalLaunder._0(ExceptionalLaunder.java:39)

## DataFlowLaunder.java

/**
 * A toy example of laundering data through "implicit dataflow paths"
 * The launder method uses the input data to reconstruct a new result
 * with the same value as the original input.
 *
 * @author Ben Holland
 */
public class DataflowLaunder {

## ExampleClass.java
/**
 * Playing around with inner classes and control flow
 * @author Ben Holland
 */
public class ExampleClass {

	// static initializer
	static {
		// anonymous inner class
		new ExampleClass() {

## injection.py
#!/usr/bin/python

import sys
import getopt
import urllib2

# define hexEncode function
hexEncode = lambda x:"".join([hex(ord(c))[2:].zfill(2) for c in x])

def main(argv):

## InsideOut.java
public class InsideOut {

	public static void main(String[] args){
		System.out.println(new OutsideIn().toString());
	}

	public InsideOut() {}

	@Override
	public String toString(){

## UnicodeEvil.java
public class UnicodeEvil {

	public static void main(String[] args) {
		print("Hello");

		/*
		 * TODO: print World in unicode
		 * \u002A\u002F\u0070\u0072\u0069\u006E\u0074\u0028\u0022\u0043\u0072\u0075\u0065\u006C\u0022\u0029\u003B\u002F\u002A
		 */
		print("World");

## SendmailCrackaddr.java
package sendmail_crackaddr;

/**
 * A Java implementation of the toy example of the Sendmail Crackaddr flaw created by Thomas Dullien
 * Source: https://bytebucket.org/mihaila/bindead/wiki/resources/crackaddr-talk.pdf
 *
 * Outputs:
 * Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 200
 *  at sendmail_crackaddr.SendmailCrackaddr.copyIt(SendmailCrackaddr.java:57)
 *  at sendmail_crackaddr.SendmailCrackaddr.main(SendmailCrackaddr.java:20)

## ExpandedExceptionalLaunder.java
public class ExpandedExceptionalLaunder {

	public static void main(String[] args) {
		String sensitive = "SECRET_DATA";
		try {
			pilfer(sensitive);
		} catch (Exception e){
    		leak(errorReport(e));
		}
	}

## PrivateMethodReflection.java
import java.lang.reflect.Method;
import java.util.Random;

public class PrivateMethodReflection {

	public static void main(String[] args) throws Exception {

		Person person = new Person("Bob");
		System.out.println("Name: " + person.getName());
	import java.awt.GraphicsDevice;
	import java.awt.GraphicsEnvironment;
	import java.io.File;
	import java.lang.management.ManagementFactory;
	import java.net.InetAddress;
	import java.net.NetworkInterface;
	import java.util.ArrayList;
	import java.util.Enumeration;
	import java.util.Locale;
	import java.util.TimeZone;

	/**
	* A toy example of laundering data through the use of the program stack and exception control flow paths
	* The input data drives how two methods recursively call each other. If the next input value is a 0 then
	* the _0 method is called, likewise a 1 calls the _1 method. When there is no more data an Exception is thrown
	* with the following stack trace. The Exception is caught and the stack trace is used to recover the data.
	*
	* java.lang.StringIndexOutOfBoundsException: String index out of range: 0
	* at java.lang.String.charAt(String.java:658)
	* at ExceptionalLaunder._0(ExceptionalLaunder.java:39)

	/**
	* A toy example of laundering data through "implicit dataflow paths"
	* The launder method uses the input data to reconstruct a new result
	* with the same value as the original input.
	*
	* @author Ben Holland
	*/
	public class DataflowLaunder {
	/**
	* Playing around with inner classes and control flow
	* @author Ben Holland
	*/
	public class ExampleClass {

	// static initializer
	static {
	// anonymous inner class
	new ExampleClass() {
	#!/usr/bin/python

	import sys
	import getopt
	import urllib2

	# define hexEncode function
	hexEncode = lambda x:"".join([hex(ord(c))[2:].zfill(2) for c in x])

	def main(argv):
	public class InsideOut {

	public static void main(String[] args){
	System.out.println(new OutsideIn().toString());
	}

	public InsideOut() {}

	@Override
	public String toString(){
	public class UnicodeEvil {

	public static void main(String[] args) {
	print("Hello");

	/*
	* TODO: print World in unicode
	* \u002A\u002F\u0070\u0072\u0069\u006E\u0074\u0028\u0022\u0043\u0072\u0075\u0065\u006C\u0022\u0029\u003B\u002F\u002A
	*/
	print("World");
	package sendmail_crackaddr;

	/**
	* A Java implementation of the toy example of the Sendmail Crackaddr flaw created by Thomas Dullien
	* Source: https://bytebucket.org/mihaila/bindead/wiki/resources/crackaddr-talk.pdf
	*
	* Outputs:
	* Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 200
	* at sendmail_crackaddr.SendmailCrackaddr.copyIt(SendmailCrackaddr.java:57)
	* at sendmail_crackaddr.SendmailCrackaddr.main(SendmailCrackaddr.java:20)
	public class ExpandedExceptionalLaunder {

	public static void main(String[] args) {
	String sensitive = "SECRET_DATA";
	try {
	pilfer(sensitive);
	} catch (Exception e){
	leak(errorReport(e));
	}
	}
	import java.lang.reflect.Method;
	import java.util.Random;

	public class PrivateMethodReflection {

	public static void main(String[] args) throws Exception {

	Person person = new Person("Bob");
	System.out.println("Name: " + person.getName());