From aldeid
Jump to navigation Jump to search
You are here
Java Signed Applet Attack


This attack starts a web server hosting a self-signed Java applet. Visitors are asked to give the applet permission to run. When a visitor grants this permission, you gain access to their system.

The Java Signed Applet Attack uses Cobalt Strike's Java injector. On Windows, the Java injector will inject shellcode for a Windows listener directly into memory for you.

To get the most mileage from this attack, you will want to download the Applet Kit from the Cobalt Strike arsenal and sign it with a code signing certificate.


For self-signed applets, the attack will likely fail: