external/source/msfJavaToolkit/testKeytool.rb

#!/usr/bin/ruby

require 'rubygems'
require 'rjb'

Rjb::load(ENV['JAVA_HOME'] + '/lib/tools.jar:.',jvmargs=[])

# This is a completely hackish way to do this, and could break with future
# versions of the JDK.  Need to find a better way to use sun.security.tools.KeyTool
# and .JarSigner than modifying the source.  These rely on internal APIs that may
# change.
clsKeyTool = Rjb::import('sun.security.tools.KeyTool')
#clsKeyTool = Rjb::import('sun.security.tools.KeyToolMSF')
clsJarSigner = Rjb::import('sun.security.tools.JarSigner')
#clsJarSigner = Rjb::import('sun.security.tools.JarSignerMSF')

keytool = clsKeyTool
jarsigner = clsJarSigner

outputJar = "output.jar"

#certCN cannot contain commas
certCN 		= "Metasploit Inc."
#keytoolOpts 	= "-genkey -alias signFiles -keystore msfkeystore " +
#		  "-storepass msfstorepass -dname \"cn=#{certCN}\" " +
#		  "-keypass msfkeypass"

keytoolOpts 	= ["-genkey", "-alias", "signFiles", "-keystore", "msfkeystore",
		   "-storepass", "msfstorepass", "-dname", "cn=#{certCN}",
		   "-keypass", "msfkeypass"]


keytool._invoke('main','[Ljava.lang.String;',keytoolOpts)


jarsignerOpts	= ["-keystore", "msfkeystore", "-storepass", "msfstorepass",
		   "-keypass", "msfkeypass", "-signedJar", "s#{outputJar}",
		   outputJar, "signFiles"]

jarsigner._invoke('main','[Ljava.lang.String;',jarsignerOpts)
Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit. 2010-01-27 19:46:39 +00:00			`#!/usr/bin/ruby`

			`require 'rubygems'`
			`require 'rjb'`

			`Rjb::load(ENV['JAVA_HOME'] + '/lib/tools.jar:.',jvmargs=[])`

			`# This is a completely hackish way to do this, and could break with future`
			`# versions of the JDK. Need to find a better way to use sun.security.tools.KeyTool`
			`# and .JarSigner than modifying the source. These rely on internal APIs that may`
			`# change.`
			`clsKeyTool = Rjb::import('sun.security.tools.KeyTool')`
			`#clsKeyTool = Rjb::import('sun.security.tools.KeyToolMSF')`
			`clsJarSigner = Rjb::import('sun.security.tools.JarSigner')`
			`#clsJarSigner = Rjb::import('sun.security.tools.JarSignerMSF')`

			`keytool = clsKeyTool`
			`jarsigner = clsJarSigner`

			`outputJar = "output.jar"`

			`#certCN cannot contain commas`
			`certCN = "Metasploit Inc."`
			`#keytoolOpts = "-genkey -alias signFiles -keystore msfkeystore " +`
			`# "-storepass msfstorepass -dname \"cn=#{certCN}\" " +`
			`# "-keypass msfkeypass"`

			`keytoolOpts = ["-genkey", "-alias", "signFiles", "-keystore", "msfkeystore",`
			`"-storepass", "msfstorepass", "-dname", "cn=#{certCN}",`
			`"-keypass", "msfkeypass"]`


			`keytool._invoke('main','[Ljava.lang.String;',keytoolOpts)`


			`jarsignerOpts = ["-keystore", "msfkeystore", "-storepass", "msfstorepass",`
			`"-keypass", "msfkeypass", "-signedJar", "s#{outputJar}",`
			`outputJar, "signFiles"]`

			`jarsigner._invoke('main','[Ljava.lang.String;',jarsignerOpts)`