It's in metasploit! Update metasploit to the latest addition and it should be in there. I use Pro but I'm told it should also be in community addition.
Too easy. Upon setting your options and typing "exploit" or "run" it will serve the exploit as a linked .jar file from an html page. After that, the victim will have to go to the link that metasploit provides and they will be compromised. This is a client-side exploit, so I really recommend using "exploit -j" to run it in the background instead of just "exploit"
btw, don't use this on anyone without their permission.
Also, I fail to see how this is triggering any vulnerability. I looked through the code, and it's just a jar with a java encoded payload. There's no functions being targeted, there's no heaps or buffers being targeted...it's just a fucking encoded payload disguised as an archive that gets extracted by the applet. You could replace the jar file with anything you wanted to, and it would still do this.
In other words, this isn't code that exploits a vulnerability...it's a smoke and mirrors trick that takes advantage of a design flaw. Java should have known better than to auto-extract archives from applets.