Quick Start
What is Java Chains
Java Chains is a comprehensive generation and exploitation platform for Java Payloads, providing the ability to generate various Java Payloads for testing scenarios such as JNDI injection, MySQL JDBC deserialization, JRMP deserialization, etc.
Quick Start
This platform only provides random password login protection for port 8011 by default. Other ports may be at risk of countermeasures. Remember to close the corresponding ports in a timely manner after using the relevant functions.
Method 1: Docker
You can start the java-chains project with a single command using docker (this is the recommended approach).
docker run -d \
--name java-chains \
--restart=always \
-p 8011:8011 \
-p 58080:58080 \
-p 50389:50389 \
-p 50388:50388 \
-p 3308:3308 \
-p 13999:13999 \
-p 50000:50000 \
-p 11527:11527 \
-e CHAINS_AUTH=true \
-e CHAINS_PASS= \
javachains/javachains:1.4.0
Configure authentication or password through environment variables;
CHAINS_AUTH: true to enable authentication, false to disable authentication, authentication is enabled by default.
CHAINS_PASS: Specify the web password. If this variable is empty, a random password will be generated. A random password is generated by default.
The payload generation function only requires port 8011, while other ports are used for the exploit module.
Use the following command to get the randomly generated strong password from docker.
docker logs $(docker ps | grep javachains/javachains | awk '{print $1}') | grep -E 'password'
Output example:
11-12 06:59:53.301 INFO [main] c.a.c.w.c.SecurityConfig | | password: XSsWerJFGcCjB8FU
Login page: http://your-ip:8011
Method 2: Start with Jar Package
Download link: https://github.com/vulhub/java-chains/releases/latest
Startup command:
java -jar java-chains-[version].jar
Each time you start, it will print the randomly generated password by default.
Default listening on 0.0.0.0, login page: http://your-ip:8011
You can set the web login password through environment variables, for example:
- Bash
- Cmd
- Powershell
export CHAINS_PASS=[your_password] && java -jar java-chains-[version].jar
set CHAINS_PASS=[your_password] && java -jar java-chains-[version].jar
$env:CHAINS_PASS="[your_password]"; java -jar java-chains-[version].jar
Default Port Description
| Port | Remarks |
|---|---|
| 8011 | Java Chains Web End |
| 58080 | JNDI Provides HTTP Bytecode |
| 50389 | JNDI LDAP |
| 50388 | JNDI RMI |
| 3308 | Fake MySQL Server |
| 13999 | JRMPListener |
| 50000 | HTTP Server |
| 11527 | TCP Server |