Add default sandbox exploit.

This commit is contained in:
Andy Nguyen 2021-11-04 18:09:00 +01:00
parent 1d8fab5dd3
commit 9dcf0bfe7f
3 changed files with 22 additions and 1 deletions

View File

@ -15,6 +15,7 @@ CLASSES = \
$(SRC)/com/bdjb/JIT.java \ $(SRC)/com/bdjb/JIT.java \
$(SRC)/com/bdjb/Screen.java \ $(SRC)/com/bdjb/Screen.java \
$(SRC)/com/bdjb/exploit/sandbox/ExploitSandboxInterface.java \ $(SRC)/com/bdjb/exploit/sandbox/ExploitSandboxInterface.java \
$(SRC)/com/bdjb/exploit/sandbox/ExploitDefaultImpl.java \
$(SRC)/com/bdjb/exploit/sandbox/ExploitUserPrefsImpl.java \ $(SRC)/com/bdjb/exploit/sandbox/ExploitUserPrefsImpl.java \
$(SRC)/com/bdjb/exploit/sandbox/ExploitServiceProxyImpl.java \ $(SRC)/com/bdjb/exploit/sandbox/ExploitServiceProxyImpl.java \
$(SRC)/com/bdjb/exploit/sandbox/IxcProxyImpl.java \ $(SRC)/com/bdjb/exploit/sandbox/IxcProxyImpl.java \

View File

@ -8,6 +8,7 @@
package com.bdjb; package com.bdjb;
import com.bdjb.exploit.sandbox.ExploitSandboxInterface; import com.bdjb.exploit.sandbox.ExploitSandboxInterface;
import com.bdjb.exploit.sandbox.ExploitDefaultImpl;
import com.bdjb.exploit.sandbox.ExploitUserPrefsImpl; import com.bdjb.exploit.sandbox.ExploitUserPrefsImpl;
import com.bdjb.exploit.sandbox.ExploitServiceProxyImpl; import com.bdjb.exploit.sandbox.ExploitServiceProxyImpl;
import com.bdjb.exploit.kernel.ExploitKernelInterface; import com.bdjb.exploit.kernel.ExploitKernelInterface;
@ -25,7 +26,9 @@ class Exploit implements Runnable {
Screen.println("[*] Escaping Java Sandbox..."); Screen.println("[*] Escaping Java Sandbox...");
ExploitSandboxInterface[] exploits = ExploitSandboxInterface[] exploits =
new ExploitSandboxInterface[] {new ExploitUserPrefsImpl(), new ExploitServiceProxyImpl()}; new ExploitSandboxInterface[] {
new ExploitDefaultImpl(), new ExploitUserPrefsImpl(), new ExploitServiceProxyImpl()
};
for (int i = 0; i < exploits.length; i++) { for (int i = 0; i < exploits.length; i++) {
try { try {

View File

@ -0,0 +1,17 @@
/*
* Copyright (C) 2021 Andy Nguyen
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
package com.bdjb.exploit.sandbox;
/** Default exploit implementation. */
public class ExploitDefaultImpl implements ExploitSandboxInterface {
public boolean trigger() throws Exception {
System.setSecurityManager(null);
return System.getSecurityManager() == null;
}
}