Reverse Shell Applet

Added: 10/10/2010

Background

This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server.

Problem

An attacker can use this exploit to gain unauthorized access by generating a reverse shell command connection.

Limitations

For this exploit to succeed, the target host would need to have a Java enabled browser and the signed certificate should be accepted by the user.
The exploit works on all Windows, Linux, and Mac OS platforms.
The target field must be a licensed target but is unused.

Platforms

Windows
Linux
Mac OS

Back to exploit index