• Close
  • Back to search

    Java Statement.invoke() Trusted Method Chain Privilege Escalation

    This module exploits a vulnerability in Java Runtime Environment that allows an untrusted method to run in a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name

    exploit/multi/browser/java_trusted_chain

    Authors

    • Sami Koivu
    • Matthias Kaiser
    • egypt <egypt [at] metasploit.com>

    References

    Targets

    • Generic (Java Payload)
    • Windows Universal
    • Linux x86

    Platforms

    • java
    • linux
    • windows

    Architectures

    • java
    • x86

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/multi/browser/java_trusted_chain msf exploit(java_trusted_chain) > show targets ...targets... msf exploit(java_trusted_chain) > set TARGET <target-id> msf exploit(java_trusted_chain) > show options ...show and set options... msf exploit(java_trusted_chain) > exploit

    Related Vulnerabilities