Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...
Showing posts with label Rootkit. Show all posts
Showing posts with label Rootkit. Show all posts

Sunday, February 21, 2016

Practical Managed Code Rootkits for Java- JReFrameworker




This project aims to extend the work done by Erez Metula in his book Managed Code Rootkits: Hooking into Runtime Environments. The work outlines a tool ReFrameworker that claims to be a framework modification tool capable of performing any modification task, however the tool falls short in usability. Developing new attack modules is difficult as most users are not familiar with working in the intermediate representations (IR) required by the tool. Worse yet, the "write once, run anywhere" motto of managed languages is violated when dealing with runtime libraries, forcing the attacker to write new exploits for each target platform. The current version of ReFrameworker (version 1.1) does not have the ability to manipulate Java bytecode, although Erez Metula points out that the same techniques of using IRs such as Soot's Jimple or the Jasmin assembler can be used to create Java MCRs.

JReFrameworker

Since ReFrameworker is no longer maintained, this project aims to extend previous works by introducing JReFrameworker, a tool to produce MCR capabilities aimed at the Java Runtime Environment in a user-friendly way.

JReFrameworker is a tool that allows a user to write annotated Java source that is automatically merged or inserted into the runtime. The framework supports developing and debugging attack modules directly in the Eclipse IDE. Working at the intended abstraction level of source code allows the attacker to "write once, exploit anywhere".

Getting Started

Ready to get started?

  1. First install the JReFrameworker plugin.
  2. Then check out the provided tutorials to get started hacking your first attack module.

Changelog

1.1.1

  • Improved payload dropper with new command line options for specifying non-standard runtime locations and for specifying output options

1.1.0

  • Support for exporting a basic based payload dropper

1.0.2

  • Improvements to preferences
  • Bug fixes for builder

1.0.1

  • Bug fix for missing annotations Jar in new projects

1.0.0

  • Initial Release

Share:
Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition