Add additional exception handling for standard

When using the standard action, a compiled class file is send to the application server as part of a TemplatesImpl payload. This class file is dynamically compiled using the locally used version of Java. If this version is too new, the application server may refuse to load the precompiled class. This exeception is now caught and an error msg should explain the issue.
qtc-de · Dec 9, 2023 · fdd73a5 · fdd73a5
1 parent 673b3be
commit fdd73a5
Showing 1 changed file with 18 additions and 2 deletions.
diff --git a/beanshooter/src/eu/tneitzel/beanshooter/operation/Dispatcher.java b/beanshooter/src/eu/tneitzel/beanshooter/operation/Dispatcher.java
@@ -23,6 +23,7 @@
 import javax.management.modelmbean.ModelMBeanOperationInfo;
 import javax.management.modelmbean.RequiredModelMBean;
 import javax.xml.transform.Templates;
+import javax.xml.transform.TransformerConfigurationException;
 
 import org.jolokia.client.exception.J4pRemoteException;
 
@@ -421,14 +422,29 @@ public void standard()
 
         catch (RuntimeMBeanException e)
         {
-            Throwable t = ExceptionHandler.getCause(e);
+            Throwable cause = ExceptionHandler.getCause(e);
 
-            if (t instanceof NullPointerException)
+            if (cause instanceof NullPointerException)
             {
                 Logger.printlnMixedBlue("Caught", "NullPointerException", "while invoking the newTransformer action.");
                 Logger.printlnMixedBlue("This is expected bahavior and the attack most likely", "worked", ":)");
             }
 
+            else if (cause instanceof TransformerConfigurationException)
+            {
+                if (cause.getMessage().contains("Could not load the translet class '"))
+                {
+                    Logger.printlnMixedBlue("The", "translet class", "could not be loaded by the server.");
+                    Logger.printlnMixedYellow("This can occur when your Java version", "is newer", "than the version used by the server.");
+                    Logger.printlnMixedBlue("You can retry the attack using", "an older", "Java version.");
+                }
+
+                else
+                {
+                    ExceptionHandler.unexpectedException(e, "standard", "action", true);
+                }
+            }
+
             else
             {
                 ExceptionHandler.unexpectedException(e, "standard", "action", true);