Patrick

Script Script to defeat Java Application Blocked issues

Background
I made a post a few weeks ago on a way to manually defeat Java Application Blocked issues when trying to connect to various iKVM interfaces. Today I re-installed Windows 10 and lost my old exceptions.list file which had gotten pretty big.

I read Terry Kennedy's comment that the actual list is found in exception.sites here. From that post the plain text file with one line per allowed IP + http or https combo can be found in a Windows directory.

As a result, I made a little Python loop to just iterate through IP addresses. Nothing fancy.

I added lines for http and https and then just do /24's (1-254) in each IP range. You can add more or remote lines and change IP ranges as you see fit. You can also loop more than just the last digit following a similar structure. I did leave 255 out since it is usually a broadcast IP.

How you can do the same

Step 1 - make a little python file. I call mine byejava.py and this is the contents (I removed a bunch of IP ranges but here is the idea):

Code:
for x in range (1,254):
    print ("http://192.168.1." + str(x))
    print ("https://192.168.1." + str(x))
    print ("http://10.0.1." + str(x))
    print ("https://10.0.1." + str(x))
Step 2 - I then, from the command line, run the python script and create my new list
Code:
py byejava.py > exception.sites
I can then move the output exception.sites file and replace the existing exception.sites file here:
Code:
\Users\username\AppData\LocalLow\Sun\Java\Deployment\security

Step 3 - stop adding IPs 1 by 1
No more Java Application Blocked issues on internal management interfaces. Of course, this does create a big security hole since it effectively disables this security feature on private networks. Still, it saves a TON of time, especially if you are adding new gear and maintaining exception lists across PCs. I have 6 commonly used /24's that get DHCP addresses for IPMI devices. I tried http://10.0.1.* but that did not work so this is an easy way to open up entire address ranges.
Author
Patrick
Views
94
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Patrick