Skip to content
/ jvmtiAgentLoad-Exploit Public

Tools and code for generating a malicious JAR to exploit jvmtiAgentLoad

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/jvmtiAgentLoad-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
META-INF
META-INF
 
 
JavaAgent.java.template
JavaAgent.java.template
 
 
README.md
README.md
 
 
create_jar.sh
create_jar.sh
 
 

Repository files navigation

Arbitrary code execution via jvmtiAgentLoad

Description:

Tools and code for generating a malicious JAR to exploit jvmtiAgentLoad

Usage:

$ bash create_jar.sh 
Usage: create_jar.sh <TARGET_OS> <COMMAND>
Supported TARGET_OS options: linux|windows

Linux Target

The following command generates a JAR (mal.jar) that can be used on a Linux target:

bash create_jar.sh linux 'id > /tmp/jvmtiLoadAgent_test'

Windows Target

The following command generates a JAR (mal.jar) that can be used on a Windows target:

bash create_jar.sh windows 'whoami > C:\\Users\\Public\\jvmtiLoadAgent_test.txt'

Additional Resources:

Blog post on how the jvmtiAgentLoad exploit works by pyn3rd

About

Tools and code for generating a malicious JAR to exploit jvmtiAgentLoad

Topics

java code-execution jvmti-agent

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Pre-Compiled JARs Latest
Nov 27, 2024

Languages