Explore code execution techniques using JDK scripting tools and the Nashorn Javascript Engine in this BSides Cleveland 2018 conference talk. Delve into the history of JDK versions, discover jrunscript and its syntax, and learn how to extend Java programming capabilities. Gain insights on downloading files, executing system commands, and running local and remote scripts. Examine the advantages and disadvantages for offensive operations, including a demonstration of a base64 encoded one-liner reverse shell. Understand detection methods such as command line logging, user agent string monitoring, and process monitoring. Discover prevention strategies like application whitelisting and JDK uninstallation. Enhance your knowledge of both offensive and defensive aspects of JDK scripting tools in this comprehensive security presentation.
Overview
Syllabus
Intro
DISCLAIMER
ABOUT ME
OUTLINE
JDK VERSION HISTORY
HOW DID I FIND THESE TOOLS?
JRUNSCRIPT - WHAT IS IT?
JRUNSCRIPT - SYNTAX
JRUNSCRIPT - EVAL GLOBAL FUNCTIONS
JRUNSCRIPT & JJS - FILE LOCATION
SCRIPTING SYNTAX
EXTENDING THE JAVA PROGRAMMING LANGUAGE
DOWNLOADING FILES
EXECUTE SYSTEM COMMANDS
LOADING & RUNNING LOCAL SCRIPTS
LOADING & RUNNING REMOTE SCRIPTS
BASE64 ENCODED ONE-LINER REVERSE SHELL
ADVANTAGES & DISADVANTAGES FOR OFFENSE
DETECTION & PREVENTION
DETECTION - FULL COMMAND LINE LOGGING
DETECTION - USER AGENT STRING MONITORING
DETECTION - PROCESS MONITORING
PREVENTION - APPLICATION WHITELISTING
PREVENTION - UNINSTALL JDK
QUESTIONS?
