java.lang.Runtime.exec() Payload Workarounds
Occasionally there are times when command execution payloads via Runtime.getRuntime().exec()
fail. This can happen when using web shells, deserialization exploits, or through other vectors.
Sometimes this is because redirection and pipe characters are used in a way that doesn’t make sense in the context of the process that’s being launched. For example, executing ls > dir_listing
in a shell should output a listing of the current directory into a file called dir_listing
. But in the context of the exec()
function, that command would instead be interpreted to fetch the listings of the >
and dir_listing
directories.
Other times, arguments with spaces within them are broken by the StringTokenizer class which splits command strings by spaces. Something like ls "My Directory"
would then be interpreted as ls '"My' 'Directory"'
.
With the help of Base64 encoding, the converter below can help reduce these issues. It can make pipes and redirects great again through calls to Bash or PowerShell and it also ensures that there aren’t spaces within arguments.
Input type: