The PoC exploit of ScriptKiddie from HackTheBox actually requires a binary known as jarsigner. The binary itself is bundled with the Java SDK, and my Kali Linux definitely has it, so I should have that binary installed. However, I was unable to locate this jarsigner on my machine.
I started to look for it on the internet, simply because I didn’t want to reinstall the Java SDK on my machine just to obtain this single binary file, which could potentially mess up the current system/installed apps. But, most of the search results that showed up were a bunch of documentation about how to use the binary 🙃.
In search of the missing binary - Google dork
Fortunately, by using a Google dork, I discovered some sites that provide the jarsigner binary.
intitle:"index of /" bin jarsigner
I ended up with this site:

I have the binary, but it cannot be used yet by simply putting the binary into the Java PATH.
Installing jarsigner
It turns out that the Java binary needs to be ‘symlinked’. So, first, I’ll have to find where my Java binary is located.
$ ls -l $(which java)
lrwxrwxrwx 1 root root 22 Nov 25 2019 /usr/bin/java -> /etc/alternatives/java
$ ls -l /etc/alternatives/java
lrwxrwxrwx 1 root root 43 Nov 25 2019 /etc/alternatives/java -> /usr/lib/jvm/java-11-openjdk-amd64/bin/java
I’ll grab the jarsigner binary from the site and drop it directly under /usr/lib/jvm/java-11-openjdk-amd64/bin/.
$ curl -s http://www.citrucoop.es/jdk-11.0.6/bin/jarsigner > /usr/lib/jvm/java-11-openjdk-amd64/bin/jarsigner
Then, I’ll make a symlink of jarsigner at /usr/bin/.
$ cd /usr/bin
$ ln -sf /usr/lib/jvm/java-11-openjdk-amd64/bin/jarsigner jarsigner
It’s working fine now.
Hold up.. isn’t it unsafe? 🤔
Absolutely! 😅 So don’t ever do this if you don’t trust the site.
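
A binary dropped by hand into a package-managed directory, as done above, is not recorded in dpkg's database, which makes it easy to spot later. The following is an added example, not part of the original post: it assumes a Debian-based system such as Kali, where dpkg keeps `<pkg>.list` and `<pkg>.md5sums` files under /var/lib/dpkg/info, and the function names `audit_file` and `audit_dir` are hypothetical.

```shell
#!/bin/sh
# Added example: classify files as package-managed or not, using dpkg's
# database files directly so the check also works on a mounted disk image.

# audit_file PATH [INFO_DIR]
# Prints: "unowned", "ok <pkg>", "modified <pkg>" or "nosum <pkg>".
# PATH should be the real file, not a symlink such as /usr/bin/jarsigner.
audit_file() {
    path=$1
    info=${2:-/var/lib/dpkg/info}

    # <pkg>.list holds one absolute path per line for each installed file.
    list=$(grep -lxF -- "$path" "$info"/*.list 2>/dev/null | head -n 1 || true)
    if [ -z "$list" ]; then
        echo "unowned"          # no package ever installed this file
        return 0
    fi
    pkg=$(basename "$list" .list)

    # <pkg>.md5sums lines: 32 hex chars, two spaces, path without leading "/".
    sums="$info/$pkg.md5sums"
    want=""
    if [ -f "$sums" ]; then
        want=$(awk -v p="${path#/}" 'substr($0, 35) == p { print $1; exit }' "$sums")
    fi
    if [ -z "$want" ]; then
        echo "nosum $pkg"
        return 0
    fi

    have=$(md5sum < "$path" | cut -d' ' -f1)
    if [ "$have" = "$want" ]; then
        echo "ok $pkg"
    else
        echo "modified $pkg"    # content differs from what the package shipped
    fi
}

# audit_dir DIR [INFO_DIR]: one "<status> <path>" line per regular file.
audit_dir() {
    for f in "$1"/*; do
        if [ -f "$f" ] && [ ! -L "$f" ]; then
            echo "$(audit_file "$f" "${2:-/var/lib/dpkg/info}") $f"
        fi
    done
}
```

Running `audit_dir /usr/lib/jvm/java-11-openjdk-amd64/bin` after the steps above would report the hand-placed jarsigner as unowned. The md5sums comparison detects accidental or careless modification only; it is not a defence against someone who can also rewrite dpkg's database.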