v4.0.0
版本发布时间: 2021-12-06 05:50:28
qtc-de/remote-method-guesser最新发布版本:v5.1.0(2024-06-26 18:30:53)
Added
- Added the
scan
action, that performs a simple portscan for RMI services. - Added the
roguejmx
action, that spawns a rogue JMX listener. - Added the
objid
action, that inspectsObjID
values. - Added the
known
action, that lists information about known RMI classes. - Added SSRF support in form of the
--ssrf
and--ssrf-response
options. - Added an SSRF example server (docker container).
- Added the
--scan-action
option that can be used during theenum
action to perform only the specified enumeration. - Added support for custom socket factories within remote-method-guesser's plugin system.
- Added a progress bar for the
guess
action. - Added
ObjID
andTCPEndpoint
enumeration during theenum
action.
Changed
- Changed the argument layout. remote-method-guesser now uses a modular argument layout based on argparse4j.
- Changed action layout. Previously existing actions like
method
,reg
,dgc
oract
are now bundled into theserial
action. - Changed target specification during codebase attacks. To target RMI default components,
you now use the
--component
option. - Changed codebase enumeration. Now also works for non registry ports.
- Changed the DGC enumeration to Security Manager enumeration.
1、 rmg-4.0.0-jar-with-dependencies.jar 1.68MB