dustbyter Posted March 19, 2013 Share Posted March 19, 2013 Hi All, I have updated the EvilJava infusion from the pre-2.5.0 release to run on 2.8.0. I'm looking for someone to beta test it before I submit it. Please PM me if you are interested in testing it. I'm looking for anyone who may have used it in the past and can confirm it works correctly as I don't have the time to set up a test environment. Thanks! Quote Link to comment Share on other sites More sharing options...
Boba Fett Posted March 19, 2013 Share Posted March 19, 2013 What EvilJava do? How Works? Quote Link to comment Share on other sites More sharing options...
dustbyter Posted March 19, 2013 Author Share Posted March 19, 2013 In short, it injects a malicious signed jar that loads opens a metasploit connection back to your listener. Quote Link to comment Share on other sites More sharing options...
satana77 Posted March 25, 2013 Share Posted March 25, 2013 Let me try it Quote Link to comment Share on other sites More sharing options...
Casual Posted March 25, 2013 Share Posted March 25, 2013 Thanks for reviving this great module. Great for a pentest. Quote Link to comment Share on other sites More sharing options...
dustbyter Posted March 26, 2013 Author Share Posted March 26, 2013 I've only had one person ask to beta test. I think I'll just submit it tomorrow or day after for publishing. Quote Link to comment Share on other sites More sharing options...
Foxtrot Posted March 29, 2013 Share Posted March 29, 2013 Don't you think that you should put get in here, Evil_java_, and get uses_java_script right? -Foxtrot :) Quote Link to comment Share on other sites More sharing options...
WallE Posted March 31, 2013 Share Posted March 31, 2013 Is it some kind of Java applet? What is the targeted client will see if you run this application? Quote Link to comment Share on other sites More sharing options...
dustbyter Posted March 31, 2013 Author Share Posted March 31, 2013 This is a signed java applet that is run and deposits a metasploit payload. Quote Link to comment Share on other sites More sharing options...
WallE Posted March 31, 2013 Share Posted March 31, 2013 But it will create this pop up on the client side right? http://0o2471.net/46217 Quote Link to comment Share on other sites More sharing options...
DrDinosaur Posted April 1, 2013 Share Posted April 1, 2013 But it will create this pop up on the client side right? http://0o2471.net/46217 More than likely, yes. Quote Link to comment Share on other sites More sharing options...
rcollins0618 Posted April 1, 2013 Share Posted April 1, 2013 most people would probably just click yes to get to whatever they're trying to do. Quote Link to comment Share on other sites More sharing options...
dustbyter Posted April 23, 2013 Author Share Posted April 23, 2013 Sorry for the delay. The Evil Java infusion has been uploaded and should be available on the pineapple bar. thanks Quote Link to comment Share on other sites More sharing options...
DyFukA Posted April 24, 2013 Share Posted April 24, 2013 The module is on the pineapple bar but not downloading / installing correctly. I'm getting this every time. Firmware 2.8.0 http://i.imgur.com/J5FSvbK.png Quote Link to comment Share on other sites More sharing options...
kpoeticg Posted April 24, 2013 Share Posted April 24, 2013 I get the same screen as DyFukA. Also when I click remove it removes every single Module from the Infusions menu. It seems as though it only removes them from the menu though because the used and free memory doesn't change at all. Even when reinstalling them all one by one the memory stays the same and alll the sub-packages for all the modules remain installed Quote Link to comment Share on other sites More sharing options...
dustbyter Posted April 24, 2013 Author Share Posted April 24, 2013 I'll try it out, but this may be related to the new interface for the wifi site. Quote Link to comment Share on other sites More sharing options...
DyFukA Posted April 25, 2013 Share Posted April 25, 2013 I get the same screen as DyFukA. Also when I click remove it removes every single Module from the Infusions menu. It seems as though it only removes them from the menu though because the used and free memory doesn't change at all. Even when reinstalling them all one by one the memory stays the same and alll the sub-packages for all the modules remain installed yes I have the same issue also with losing the modules. I tried from a fresh install and still no luck. Quote Link to comment Share on other sites More sharing options...
WallE Posted April 25, 2013 Share Posted April 25, 2013 I have the same thing and as they said above If I click remove it will remove all my modules. And if I unpin, it will also unpin all my modules Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 25, 2013 Share Posted April 25, 2013 I have the same thing and as they said above If I click remove it will remove all my modules. And if I unpin, it will also unpin all my modules Will removing any infusion trigger this or just this one? Quote Link to comment Share on other sites More sharing options...
kpoeticg Posted April 25, 2013 Share Posted April 25, 2013 It's only this one. And like I said, it seems like it's only removing everything from the gui for some reason. The amount of memory in storage stays the same from before it removes the modules through reinstalling them all. So they're still there somewhere. Just can't access them. And after reinstalling the modules they are all still configured from before it removed them. Quote Link to comment Share on other sites More sharing options...
WallE Posted April 26, 2013 Share Posted April 26, 2013 (edited) Will removing any infusion trigger this or just this one? Like said above it is only this one and I downloaded almost all the modules It's only this one. And like I said, it seems like it's only removing everything from the gui for some reason. The amount of memory in storage stays the same from before it removes the modules through reinstalling them all. So they're still there somewhere. Just can't access them. And after reinstalling the modules they are all still configured from before it removed them. I second all that Edited April 26, 2013 by WallE Quote Link to comment Share on other sites More sharing options...
Tymm Posted April 26, 2013 Share Posted April 26, 2013 Same problem here. After installation it has no name under installed infusions and when removed it removes everything. Quote Link to comment Share on other sites More sharing options...
dustbyter Posted April 26, 2013 Author Share Posted April 26, 2013 Sebkinne, let me know if I should be reviewing the code, but my understanding is that the install and uninstall of modules is all occuring through the wifi-interface (specifically pages/modules.php) Quote Link to comment Share on other sites More sharing options...
kpoeticg Posted April 30, 2013 Share Posted April 30, 2013 The uninstall of the modules occures through the interface but the reason everybody clicks uninstall on your module is because after you install it the name field is blank for only this infusion in the modules list so it's unusable. Then when you click remove all of the modules disappear. So aside from the disappearing of all the modules from the gui, you need to solve why you're module never appears in the gui after it is installed. The rest of the field is normal, just the name is blank so there's nothing to click on to open it. Quote Link to comment Share on other sites More sharing options...
dustbyter Posted April 30, 2013 Author Share Posted April 30, 2013 kpoeticg, thanks for the additional information. I'll have to restore my device to stock and then install the module to replicate. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.