JReFrameworker v1.1.1 – A practical tool for creating Managed Code Rootkits (MCRs) in the Java Runtime Environment.
Changelog latest version 184.108.40.206601161527:
+ Adding command line options for dropper jar, more reliable output options
JReFrameworker is an Eclipse plugin for creating and building projects that allow the user to write annotated Java source that is automatically merged or inserted into the runtime. The framework supports developing and debugging attack modules directly in the Eclipse IDE. Working at the intended abstraction level of source code allows the attacker to “write once, exploit anywhere”.
Project road map support:
+ A payload dropper with support for Metasploit Post-Exploitation Modules
+ Comprehensive review of runtime update strategies (in progress)
+ Support for merging class constructors, initializers, and static initializers
+ Enhanced bytecode validity checks with respect to the entire runtime library (not just the generated class files)
+ Lots of example attack modules!
+ Incremental build support
+ Evaluate attacking other JRE based runtimes (Scala, JRuby, Jython, etc.)
Installing from update site
Follow the steps below to install the JReFrameworker plugin from the Eclipse update site.
1. Start Eclipse, then select Help > Install New Software.
2. Click Add, in the top-right corner.
3. In the Add Repository dialog that appears, enter “JReFrameworker” for the Name and “http://ben-holland.com/JReFrameworker/updates/” for the Location.
4. In the Available Software dialog, select the checkbox next to “WAR Binary Processing” and click Next followed by OK.
5. In the next window, you’ll see a list of the tools to be downloaded. Click Next.
6. Read and accept the license agreements, then click Finish. If you get a security warning saying that the authenticity or validity of the software can’t be established, click OK.
7. When the installation completes, restart Eclipse.
This extended introductory tutorial demonstrates how to create a simple attack module to hide a file using JReFrameworker and provides a basic understanding of the underlying bytecode manipulations performed by the tool.
Source : https://github.com/benjholla | https://ben-holland.com