Cobalt Strike's Smart Applet Attack combines several exploits to disable the Java security sandbox into one package.
This tool is available through Attacks -> Web Drive-by -> Smart Applet Attack. This attack starts a Cobalt Strike web server hosting a Java applet. Initially, this applet runs in Java's security sandbox and it does not require user approval to start.
Set the URI Path and Port to configure the webserver.
Check Enable SSL to serve this content over SSL. This option is available when you specify a valid SSL certificate in your Malleable C2 profile.
The smart applet analyzes its environment and decides which Java exploit to use. If the Java version is vulnerable, the applet will disable the security sandbox, and spawn a session using Cobalt Strike's Java injector.
These exploits in this attack work against Java 1.7u21 and older. Java 1.6u45 and below is also vulnerable to this attack.
Press Launch to start the attack.