v4.0.0

版本发布时间: 2021-12-06 05:50:28

qtc-de/remote-method-guesser最新发布版本:v5.1.0(2024-06-26 18:30:53)

Added the scan action, that performs a simple portscan for RMI services.
Added the roguejmx action, that spawns a rogue JMX listener.
Added the objid action, that inspects ObjID values.
Added the known action, that lists information about known RMI classes.
Added SSRF support in form of the --ssrf and --ssrf-response options.
Added an SSRF example server (docker container).
Added the --scan-action option that can be used during the enum action to perform only the specified enumeration.
Added support for custom socket factories within remote-method-guesser's plugin system.
Added a progress bar for the guess action.
Added ObjID and TCPEndpoint enumeration during the enum action.

Changed the argument layout. remote-method-guesser now uses a modular argument layout based on argparse4j.
Changed action layout. Previously existing actions like method, reg, dgc or act are now bundled into the serial action.
Changed target specification during codebase attacks. To target RMI default components, you now use the --component option.
Changed codebase enumeration. Now also works for non registry ports.
Changed the DGC enumeration to Security Manager enumeration.