github/MITMf
1
0
Fork 0
mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-07 05:22:15 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

added more java exploits to JavaPwn

Browse source
This commit is contained in:
byt3bl33d3r 2014-07-15 20:45:08 +02:00
parent 0983278f1c
commit 24b0706dd5
1 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
plugins/JavaPwn.py
View file

@ -27,8 +27,13 @@ class JavaPwn(BrowserProfiler, Plugin):
sys.exit('[-] JavaPwn plugin requires --msfip') sys.exit('[-] JavaPwn plugin requires --msfip')
#Correlates java versions with their relative exploits #Correlates java versions with their relative exploits
self.javaVersionDic = {1.705: "java_verifier_field_access", self.javaVersionDic = {1.702: "java_atomicreferencearray",
1.703: "java_atomicreferencearray"} 1.704: "java_verifier_field_access",
1.706: "java_jre17_exec",
1.707: "java_jre17_jaxws",
1.7010: "java_jre17_jmxbean",
1.7017: "java_jre17_driver_manager",
1.7021: "java_storeimagearray"}
#add your exploits here converting the max affected java version to a float (e.g. java version 1.7.05 => 1.705) #add your exploits here converting the max affected java version to a float (e.g. java version 1.7.05 => 1.705)
self.sploited_ips = [] # store ip of pwned or not vulnarable clients so we don't re-exploit self.sploited_ips = [] # store ip of pwned or not vulnarable clients so we don't re-exploit