Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script abuses this to inject and execute a Java class file that executes the supplied shell command and returns its output.
The script injects the JDWPSystemInfo class from nselib/jdwp-class/ and executes its run() method which accepts a shell command as its argument.
Command to execute on the remote system.
nmap -sT <target> -p <port> --script=+jdwp-exec --script-args cmd="date"
PORT STATE SERVICE REASON 2010/tcp open search syn-ack | jdwp-exec: | date output: | Sat Aug 11 15:27:21 Central European Daylight Time 2012 |_
Author: Aleksandar Nikolic
License: Same as Nmap--See https://nmap.org/book/man-legal.html