23 lines
895 B
Plaintext
23 lines
895 B
Plaintext
--- How to use this module ---
|
|
-- antisnatchor:
|
|
- the applet has been compiled with Java 1.6.0 update 0 in order to be compatible with every JRE > 1.6.x (1.7.x included)
|
|
- tested with IE8 on XP SP3, and IE10 on Win7
|
|
- tested with JRE 1.6.x and 1.7.x
|
|
|
|
- I advise you to recompile/re-sign the applet yourself, the following are the required steps to compile and self-sign the applet.
|
|
NOTE: Best results are obtained signing the applet with a valid Code Signing certificate.
|
|
|
|
- Ideally the dropper is a packed backdoor (Meterpreter?) that connects back to your server (for instance a Metasploit multi/handler).
|
|
|
|
1. compile the two classes
|
|
javac SignedApplet.java SM.java
|
|
|
|
2. create a JAR
|
|
jar cvf SignedApplet.jar SignedApplet.class SM.class
|
|
|
|
3. generate a keystore to self-sign the applet
|
|
keytool -keystore tmp -genkey
|
|
|
|
4. sign the applet
|
|
jarsigner -keystore tmp signedAppletCmdExec.jar mykey
|