Java BackDoor

This is a basic backdoor in Java. I coded this as an exercise and when there were few or no backdoors in Java with source code available. Why java? Because there is always a JRE/JDK (!) in a production server, while this is not true for scripting languages (python, perl, ruby). Why not C/C++? Because there is rarely a C/C++ compiler in a real-life production environment (at least, not where I am used to pentest). And you do need the compiler if you want to run an executable for HP-UX or Tru64. So that’s why I wrote a backdoor in Java.

Nowadays, a meterpreter is a better choice; but I still use jbd from time to time.

Download Link:

jbd is a bind backdoor (it is not a reverse shell), written in Java. This means you can use it everywhere* without rebuilding it. Like any backdoor, find a way to upload it on the server, then launch it ( if you use jbd without arguments:  /path/to/java -jar /path/to/jbd-3.0.jar,  then connect to it using telnet IP_ADDRESS 65000).

Use java -jar jbd-3.0.jar –help for a detailed help and use guide.

jbd has additional options (by command line, there are no config files) to

  • SSL support – to use jbd with SSL, you can’t use telnet as client – either openssl or jbd itself with the –client switch
  • Choose ip and/or port, shell and/or its path (for example, listen only on localhost, port 65432 executing /usr/ucb/i/dont/know/csh)
  • Set a password, either in cleartext (-P option) or in MD5 (-M option); if you choose the second one, run on your PC  java -jar jbd-3.0.jar –md5 YourPasswordHere to display the Java MD5 of the password, then use it on the server with the -M option

jbd features and known bugs:

  • Easy to use, jut telnet IP PORT after you start it
  • It can handle multiple clients
  • It does not process standard input – do not use it with commands like passwd or cat (no arguments) [if you know how to handle standard input through a Process  object using Runtime, please contact me @sc0p3r]
  • You can use it on both Windows and *X (it was writte and tested mostly on *X operative systems)
  • If a telnet session hangs, just exit (Ctrl+Alt+^], …) and open another one.
  • You can kill the process closing the backdoor and disconnect all clients simply typing Bye. at the prompt, while exit will close only your session.
  • You can set a password
  • Compatibility with Java JDK > 1.3; theorically it should work even with Java 1.3. SSL compatibility is with JDK > 1.3, but you may give it a try on old servers!
  • Tested on GNU/Linux with Java 1.5, 1.6; tested on MS Windows Xp SP2 and Win7 with Java 1.4, 1.5, 1.6. Tested on Sun OS 5.9/8 with Java 1.4. Tested on HP-UX with an unknown JVM

I have been working on jbd around 2008-2009; it was born as a “copy/paste” of some classes from wsh backdoor spawn feature. Then I used it many times on “non-standard” servers (not RHEL, SUSE, Win*). I do not update this project very often.

As usual, use it only if authorized! Older Versions:

Tested on

  • SunOS 8-9
  • Ubuntu Linux > 7.xx
  • Gentoo Linux >2005
  • Windows XP Sp2
  • Windows 2003 server
  • HP-UX ?? don’t remeber

It should work everywhere, if not feel free to contact me.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s