SilverExploit Posted May 21, 2012 Share Posted May 21, 2012 (edited) First of all thanks to reflex for creating the evil java page. I just turned it into a module. The full version of this module is yet to come... EvilJava module - version 2.0 (CURRENT) Custom payloads can be uploaded from gui. They are categorized for Windows, Mac, and Linux. You can select through the UI which payload to use for a specific OS. Custom payloads can be deleted too Java applet and payloads can be saved in USB (this way you can have tens of custom payloads for each OS and switch between them very easily) You can synchronize with the GET module in order to see what OS the clients are using, and wether they have Java enabled NOTE: The listener ip changer will be fixed as soon as I figure out why all connections except metasploit work ;( NOTE: A better 'help' and support for 'OTHER' OS are coming soon EvilJava module - version 1.0 Malicious Java Applet for Windows, MAC, and Linux Modify index.php page to redirect to EvilJava NOTICE: the default payloads are set to connect back to 172.16.42.42 so make sure that's your IP unless you're using custom payloads. Feel free to upload as many custo payloads as you like :) Please leave any suggestions, or bug reports you have here. Thanks... :) Infected Page: Edited May 28, 2012 by SilverExploit Quote Link to comment Share on other sites More sharing options...
wouter301 Posted May 22, 2012 Share Posted May 22, 2012 First off all thank you both for making this available to us! I have a small suggestion. I'm assuming that anyone who makes use of this module is very familiar with Metasploit and know how to create his/her own (java)payload. I would be very nice (at least I think so) to be able to put your own payload in via the Web UI per OS (Linux, Mac, Windows). The reason for this is that some of us are using the MKV as a standalone device connected to a 3G modem or via the WAN interface attached to a router. So you want to be able to put your own IP address in the payload. Not just 172.16.42.42. Maybe using a reverse HTTPS connection instead of a TCP etc. Now, I'm manually editing the run.html replacing the encoded payload with my own payload. So by enabling the user to either use your default payload or its own, this module will be very powerful! Anyway. This thing rocks already!!! ;) Quote Link to comment Share on other sites More sharing options...
SilverExploit Posted May 22, 2012 Author Share Posted May 22, 2012 First off all thank you both for making this available to us! I have a small suggestion. I'm assuming that anyone who makes use of this module is very familiar with Metasploit and know how to create his/her own (java)payload. I would be very nice (at least I think so) to be able to put your own payload in via the Web UI per OS (Linux, Mac, Windows). The reason for this is that some of us are using the MKV as a standalone device connected to a 3G modem or via the WAN interface attached to a router. So you want to be able to put your own IP address in the payload. Not just 172.16.42.42. Maybe using a reverse HTTPS connection instead of a TCP etc. Now, I'm manually editing the run.html replacing the encoded payload with my own payload. So by enabling the user to either use your default payload or its own, this module will be very powerful! Anyway. This thing rocks already!!! ;) Very nice idea! I'll start working on it right away. :) Thanks for the suggestion. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted May 22, 2012 Share Posted May 22, 2012 Very nice idea! I'll start working on it right away. :) Thanks for the suggestion. would be better if all of the java/exe payloads pointed back to the pineapple say on a reserved ip that is used to pivot/redirect to another machine/server/ip/dyndns the user sets up, basically all scripts could make use of this methods having the special ip being controlled by the user/pen tester;-) sorry I am ranting, just a thought Quote Link to comment Share on other sites More sharing options...
SilverExploit Posted May 22, 2012 Author Share Posted May 22, 2012 would be better if all of the java/exe payloads pointed back to the pineapple say on a reserved ip that is used to pivot/redirect to another machine/server/ip/dyndns the user sets up, basically all scripts could make use of this methods having the special ip being controlled by the user/pen tester;-) sorry I am ranting, just a thought I see... netcat or iptables will do the trick. I'll add a box where you can update the pentesters ip so that lets say 172.16.42.111 redirects to the pentesters ip to ex: 172.16.42.42, and all payloads are set to connect to 172.16.42.111 ! Very clever Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.