Table of Contents

Shortnote

mkyong explains how newer versions of Java can access network card details via the NetworkInterface class. The following example retrieves the MAC address - but it is further adaptable to retrieve the local IP as well.

Even if you spoof your MAC, the code has direct access to the hardware and can retrive your true MAC address hard-coded in the ROM (a comment from a tester explains that on mkyong page).

Mitigation

  • Block all Java applets (and relive the renaissance age of the Internet).
  • Use a VM.

Code

App.java
package com.mkyong;
 
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.net.UnknownHostException;
 
public class App{
 
   public static void main(String[] args){
 
	InetAddress ip;
	try {
 
		ip = InetAddress.getLocalHost();
		System.out.println("Current IP address : " + ip.getHostAddress());
 
		NetworkInterface network = NetworkInterface.getByInetAddress(ip);
 
		byte[] mac = network.getHardwareAddress();
 
		System.out.print("Current MAC address : ");
 
		StringBuilder sb = new StringBuilder();
		for (int i = 0; i < mac.length; i++) {
			sb.append(String.format("%02X%s", mac[i], (i < mac.length - 1) ? "-" : ""));		
		}
		System.out.println(sb.toString());
 
	} catch (UnknownHostException e) {
 
		e.printStackTrace();
 
	} catch (SocketException e){
 
		e.printStackTrace();
 
	}
 
   }
 
}

web/data_mining/java_applets.txt ยท Last modified: 2017/02/22 18:30 (external edit)

Access website using Tor


For the copyright, license, warranty and privacy terms for the usage of this website please see the license and privacy pages.