Re: NSE: RMI Dumpregistry

[David Fifield <david () bamsoftware com>]

On Thu, Sep 30, 2010 at 11:42:31PM +0200, Martin Holst Swende wrote:
> Hi list,
>
> I have now rewritten and expanded large parts of the rmi registry
> dumper. I took some inspiration from Patriks OO-approach to java
> classes/fields, but most of the codebase is still based on the OpenJDK
> implementation. Some additions that have been made
> - Better protocol support, now parses out the ip:port to the actual objects
> - Catches 'custom data' , which actually discloses the classpath in some
> cases
> - Tested a lot against rmi registrys I found out on the series of tubes
>
> This script could do with some more polishing, but that's mostly
> documentation and decreasing verbosity. I think it is robust enough for
> testing, and for that reason I let the output be pretty verbose, so I
> can interpret any errors that occurs. In the final version, some of the
> debugging-info should be removed.
>
> Scripts are attached, but the latest can also be cloned or downloaded
> from http://martin.swende.se/hgwebdir.cgi/nsescripts/

Sorry again for the delay. I added the library and script using the
files from your branch.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/