Java Signed Applet Attack

This tool is available through Attacks -> Web Drive-by -> Signed Applet Attack. This attack starts a Cobalt Strike web server hosting a self-signed Java applet. Visitors are asked to give the applet permission to run. When a visitor grants this permission, you gain access to their system.

Set the URI Path and Port to configure the webserver. You must specify a Win32 Listener and a Java Listener. The Java Signed Applet Attack uses Cobalt Strike's Java injector. On Windows, the Java injector will inject shellcode for the Win32 listener directly into memory for you. On other operating systems, the injector will dynamically link and execute the code for your chosen Java listener.

Press Launch to start the attack.