Re: Java RMI service finderprint?

[Martin Holst Swende <martin () swende se>]

Nice work!

I haven't tested it yet, need to set up an RMI test environment again
after a clean install. However, some thoughts from looking at the source:
- There are some issues with your source code formatter. See for example
rmi.lua:347 and onwards, where the code starts creeping to the right.
- In rmi.lua:405, there is a variable handles, which is 'script-local',
and, afaict shared by all script instances using the library. That
variable get's cleaned out at line 949, when an instance of a script
reads returndata from a method call. So, at a glance, it looks like
there could be issues if multiple instances of scripts are using the
library simultaneously...?
- in rmi-dumpregistry: The svn-version uses 'java-rmi', but yours uses
'rmi' in the @output-section, but 'jrmi' (with J) in the portrule and
port.version.name.
- Similarly, in rmi-jmx.nse, your portrule is:
portrule = shortport.port_or_service({1098, 1099, 1090, 8901, 8902,
8903}, {"jrmi"})
, but reporting is:  port.version.name ='rmi'

Related to what java rmi is called, in nmap-services, there is this
entrance:

rmiactivation    1098/tcp    0.000380    # RMI Activation
rmiactivation    1098/udp    0.000991    # RMI Activation
rmiregistry    1099/tcp    0.000380    # RMI Registry
rmiregistry    1099/udp    0.000661    # RMI Registry

The nmap-service-probes looks like this:
Probe TCP JavaRMI q|\x4a\x52\x4d\x49\0\x02\x4b|
rarity 8
ports 706,1098,1099,1981

match rmiregistry m|^\x4e..[0-9.]+\0\0..$|s p/Java RMI/
match rmiregistry m|^\x4e..([\w._-]+)\0\0..$|s p/GNU Classpath
grmiregistry/ h/$1/

So, it's a bit of a mess, and in conclusion:
- If a user scans a closed or filtered port 1098/1099, it will display
as 'rmiactivation'/'rmiregistry'
- If a user does service scan of any non-standard port with rmi, it will
display as 'rmiregistry'
- If a user does script scan on 1098/1099 etc, it will display as 'rmi'
or 'jrmi'

Here is an alternate suggestion:
* services uses 'rmiregistry' for 1098, 1099, because those are the
standard ports for the registry. Does anyone know what rmi activation is?
* service probes uses 'java-rmi'. The probe (afaict) does not go deep
enough to actually determine if the endpoint is a registry or some other
kind of rmi service.
* the scripts uses 'rmiregistry' when an rmi registry is detected.

Cheers!
/Martin


On 09/14/2011 02:01 AM, Gabriel Lawrence wrote:
> Hey guys,
>
> I've made some changes to this that make it work in more situations and make
> it cleaner when anonymous access is on. The older version would succeed for
> everything in your brute force dictionary when anonymous was on... making
> for some really big result sets. Doh.
>
> This tar includes a modified rmi.lua, modified rmi-dumpregistry.nse and a
> new rmi-jmx.nse.
>
> Let me know what you think.
>
> gabe
>
> On Thu, Jun 30, 2011 at 10:28 AM, Gabriel Lawrence <
> gabriel.lawrence () gmail com> wrote:
>
> > Martin,
> >
> > I'm illogical ;-) I've got a modified rmi.lua and rmi-jmx.nse that will
> > bruteforce JMX logins.
> >
> > I've attached at tar file of the three scripts for you to take a look at. I
> > need to do some cleanup and commenting still, but it works for me.
> >
> > Let me know what you think. I'd like to submit this back to nmap, but with
> > the the changes i made to ssl-enum-ciphers getting totally ignored i'm not
> > sure the best way to make sure that this effort gets used. Hopefully, if you
> > support this it will be easy to get it in.
> >
> > To get this to work, i had to modify the rmi.lua library a bit. It had some
> > specific stuff that was only accurate for the RMI Registry calls that it was
> > doing, so I cleaned that up and I added a few more argument types to support
> > the login.
> >
> > It first tries to login anonymously, then it uses the brute library
> > to brute-force its way through things.
> >
> > Assuming you think this looks reasonable, i'll clean it up a bit and add
> > some comments and send it to the list.
> >
> > Below is output:
> >
> > glawrenc@glawrenc-linux:/usr/local/share/nmap$ nmap -sV -p9999
> > -script=rmi-jmx localhost
> >
> > Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-06-30 10:24 PDT
> > Nmap scan report for localhost (127.0.0.1)
> > Host is up (0.000097s latency).
> > PORT     STATE SERVICE VERSION
> > 9999/tcp open  rmi     Java RMI Registry
> > | rmi-jmx:
> > |   JMX Version: 1.0 java_runtime_1.6.0_20-b20
> > |   Anonymous access denied.
> > |   guest:gt access to JMX Service
> > |   Beans
> > |     Catalina:type=Loader,context=/AppletProxy,host=localhost-ssl
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost,name=foo/bar/name2
> > |     Catalina:type=WebappClassLoader,context=/,host=localhost
> > |
> > Catalina:type=Valve,context=/SessionTest2,host=localhost,name=NonLoginAuthenticator
> > |
> > Catalina:j2eeType=Servlet,name=stock,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Valve,context=/AppletProxy,host=localhost,name=StandardContextValve
> > |
> > Catalina:j2eeType=Servlet,name=HelloWorldExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=RequestParamExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost-ssl/,J2EEApplication=none,J2EEServer=none
> > |     java.lang:type=MemoryPool,name=Code Cache
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Resource,resourcetype=Global,class=org.apache.catalina.UserDatabase,name="UserDatabase"
> > |
> > Catalina:j2eeType=Servlet,name=async3,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=async1,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=async2,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=async0,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Cache,host=localhost-ssl,context=/AppletProxy
> > |
> > Catalina:type=Valve,context=/SessionTest2,host=localhost-ssl,name=NonLoginAuthenticator
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=WebModule,name=//localhost-ssl/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=RequestHeaderExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=NamingResources
> > |     java.lang:type=MemoryPool,name=PS Eden Space
> > |     java.lang:type=Memory
> > |     Catalina:type=Manager,context=/SessionTest2,host=localhost-ssl
> > |     Catalina:type=Realm,realmPath=/realm0
> > |     Catalina:type=MBeanFactory
> > |     Catalina:type=ThreadPool,name="http-apr-8443"
> > |
> > Catalina:j2eeType=Servlet,name=RequestHeaderExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Loader,context=/AppletProxy,host=localhost
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=servletToJsp,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Loader,context=/examples,host=localhost-ssl
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost,name=foo/name1
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=NamingResources,context=/,host=localhost-ssl
> > |
> > Catalina:type=WebappClassLoader,context=/AppletProxy,host=localhost-ssl
> > |
> > Catalina:type=Valve,context=/,host=localhost,name=StandardContextValve
> > |
> > Catalina:j2eeType=Servlet,name=CookieExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=NamingResources,context=/examples,host=localhost
> > |     Catalina:type=Manager,context=/examples,host=localhost
> > |     Catalina:type=Cache,host=localhost,context=/examples
> > |
> > Catalina:type=Valve,context=/examples,host=localhost-ssl,name=FormAuthenticator
> > |
> > Catalina:j2eeType=WebModule,name=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=WebModule,name=//localhost/,J2EEApplication=none,J2EEServer=none
> > |     java.lang:type=MemoryPool,name=PS Survivor Space
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Cache,host=localhost-ssl,context=/
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     java.lang:type=Compilation
> > |
> > Catalina:j2eeType=WebModule,name=//localhost-ssl/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost,name=minExemptions
> > |     Catalina:type=Loader,context=/SessionTest2,host=localhost
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost/,J2EEApplication=none,J2EEServer=none
> > |     Catalina:j2eeType=Filter,name=Set Character
> > Encoding,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost,name=foo/name4
> > |     java.lang:type=Runtime
> > |     Catalina:type=WebappClassLoader,context=/SessionTest2,host=localhost
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Manager,context=/examples,host=localhost-ssl
> > |
> > Catalina:j2eeType=Servlet,name=stock,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=WebappClassLoader,context=/,host=localhost-ssl
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Manager,context=/AppletProxy,host=localhost
> > |     Catalina:type=NamingResources,context=/,host=localhost
> > |     Users:type=UserDatabase,database=UserDatabase
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost-ssl,name=minExemptions
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost-ssl,name=foo/bar/name2
> > |
> > Catalina:j2eeType=Servlet,name=ChatServlet,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=ProtocolHandler,port=8080
> > |     Catalina:j2eeType=Filter,name=Timing
> > filter,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=com.qualcomm.itsecurity.appletproxy.AppletProxyServlet,WebModule=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=RequestInfoExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=ProtocolHandler,port=8443
> > |     Catalina:type=Cache,host=localhost-ssl,context=/examples
> > |     Catalina:j2eeType=Filter,name=Request Dumper
> > Filter,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     java.util.logging:type=Logging
> > |     Catalina:type=Realm,realmPath=/realm0/realm0
> > |     Catalina:type=Valve,name=StandardEngineValve
> > |
> > Catalina:type=Valve,context=/SessionTest2,host=localhost,name=StandardContextValve
> > |     Catalina:type=NamingResources,context=/examples,host=localhost-ssl
> > |
> > Catalina:type=NamingResources,context=/SessionTest2,host=localhost-ssl
> > |     com.sun.management:type=HotSpotDiagnostic
> > |     java.lang:type=GarbageCollector,name=PS Scavenge
> > |     Catalina:type=Mapper,port=8443
> > |     Catalina:type=ThreadPool,name="ajp-apr-8009"
> > |     Catalina:type=Cache,host=localhost,context=/AppletProxy
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Deployer,host=localhost-ssl
> > |     Catalina:type=GlobalRequestProcessor,name="ajp-apr-8009"
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost-ssl,name=foo/name4
> > |     Catalina:type=Valve,host=localhost,name=AccessLogValve
> > |     Catalina:type=Manager,context=/,host=localhost-ssl
> > |
> > Catalina:j2eeType=Servlet,name=SessionExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Cache,host=localhost,context=/
> > |
> > Catalina:j2eeType=Servlet,name=CompressionFilterTestServlet,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Connector,port=8443
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Host,host=localhost
> > |     Catalina:type=Valve,host=localhost-ssl,name=ErrorReportValve
> > |     Catalina:type=Mapper,port=8009
> > |     java.lang:type=MemoryPool,name=PS Perm Gen
> > |
> > Catalina:type=Valve,context=/examples,host=localhost,name=FormAuthenticator
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost-ssl/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost-ssl/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Connector,port=8009
> > |     Catalina:type=GlobalRequestProcessor,name="http-apr-8080"
> > |     Catalina:type=NamingResources,context=/AppletProxy,host=localhost-ssl
> > |     java.lang:type=MemoryPool,name=PS Old Gen
> > |
> > Catalina:j2eeType=Servlet,name=async0,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=async1,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=async2,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     java.lang:type=GarbageCollector,name=PS MarkSweep
> > |
> > Catalina:j2eeType=Servlet,name=async3,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:j2eeType=Filter,name=Compression
> > Filter,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:j2eeType=Filter,name=Request Dumper
> > Filter,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Mapper,port=8080
> > |
> > Catalina:j2eeType=Servlet,name=com.qualcomm.itsecurity.appletproxy.AppletProxyServlet,WebModule=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost-ssl/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=RequestInfoExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Valve,context=/SessionTest2,host=localhost-ssl,name=StandardContextValve
> > |     Catalina:type=ServerClassLoader,name=common
> > |     Catalina:j2eeType=Filter,name=Timing
> > filter,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost-ssl/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Loader,context=/,host=localhost
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost-ssl/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=SessionExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=CookieExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Loader,context=/examples,host=localhost
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost-ssl,name=name3
> > |     java.lang:type=ClassLoading
> > |
> > Catalina:j2eeType=WebModule,name=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Deployer,host=localhost
> > |     java.lang:type=Threading
> > |
> > Catalina:type=Valve,context=/examples,host=localhost,name=StandardContextValve
> > |     Catalina:type=Server
> > |
> > Catalina:j2eeType=Servlet,name=CompressionFilterTestServlet,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost-ssl/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost,name=name3
> > |     Catalina:type=ThreadPool,name="http-apr-8080"
> > |     Catalina:type=Valve,host=localhost-ssl,name=StandardHostValve
> > |     Catalina:type=GlobalRequestProcessor,name="http-apr-8443"
> > |     Catalina:j2eeType=Filter,name=Compression
> > Filter,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Valve,host=localhost-ssl,name=AccessLogValve
> > |     Catalina:type=Loader,context=/SessionTest2,host=localhost-ssl
> > |     Catalina:type=Engine
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Manager,context=/,host=localhost
> > |     java.lang:type=MemoryManager,name=CodeCacheManager
> > |
> > Catalina:type=Valve,context=/AppletProxy,host=localhost,name=NonLoginAuthenticator
> > |
> > Catalina:j2eeType=Servlet,name=ChatServlet,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Host,host=localhost-ssl
> > |     Catalina:type=NamingResources,context=/SessionTest2,host=localhost
> > |
> > Catalina:j2eeType=Servlet,name=HelloWorldExample,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=WebModule,name=//localhost/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Valve,host=localhost,name=ErrorReportValve
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=jsp,WebModule=//localhost/,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=servletToJsp,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=WebappClassLoader,context=/AppletProxy,host=localhost
> > |
> > Catalina:j2eeType=Servlet,name=default,WebModule=//localhost-ssl/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:type=Environment,resourcetype=Context,context=/examples,host=localhost-ssl,name=foo/name1
> > |     Catalina:type=Loader,context=/,host=localhost-ssl
> > |
> > Catalina:type=Valve,context=/examples,host=localhost-ssl,name=StandardContextValve
> > |
> > Catalina:j2eeType=WebModule,name=//localhost/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Cache,host=localhost-ssl,context=/SessionTest2
> > |
> > Catalina:type=WebappClassLoader,context=/SessionTest2,host=localhost-ssl
> > |     Catalina:type=Manager,context=/AppletProxy,host=localhost-ssl
> > |     Catalina:type=WebappClassLoader,context=/examples,host=localhost-ssl
> > |     Catalina:type=Valve,host=localhost,name=StandardHostValve
> > |
> > Catalina:type=Valve,context=/,host=localhost-ssl,name=StandardContextValve
> > |     Catalina:type=WebappClassLoader,context=/examples,host=localhost
> > |
> > Catalina:type=Valve,context=/AppletProxy,host=localhost-ssl,name=StandardContextValve
> > |
> > Catalina:type=JspMonitor,name=jsp,WebModule=//localhost-ssl/,J2EEApplication=none,J2EEServer=none
> > |     java.lang:type=OperatingSystem
> > |
> > Catalina:type=Valve,context=/AppletProxy,host=localhost-ssl,name=NonLoginAuthenticator
> > |     Catalina:type=StringCache
> > |     Catalina:type=Service
> > |     Catalina:j2eeType=Filter,name=Set Character
> > Encoding,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Cache,host=localhost,context=/SessionTest2
> > |     Catalina:type=Manager,context=/SessionTest2,host=localhost
> > |     Catalina:type=NamingResources,context=/AppletProxy,host=localhost
> > |     Catalina:type=ProtocolHandler,port=8009
> > |
> > Catalina:j2eeType=Filter,name=HeaderFilter,WebModule=//localhost/SessionTest2,J2EEApplication=none,J2EEServer=none
> > |     Catalina:type=Connector,port=8080
> > |
> > Catalina:j2eeType=WebModule,name=//localhost-ssl/AppletProxy,J2EEApplication=none,J2EEServer=none
> > |
> > Catalina:j2eeType=Servlet,name=RequestParamExample,WebModule=//localhost/examples,J2EEApplication=none,J2EEServer=none
> > |_    JMImplementation:type=MBeanServerDelegate
> >
> > Cheers,
> > gabe
> >
> > On Tue, Jun 14, 2011 at 10:37 AM, Martin Holst Swende <martin () swende se>wrote:
> >
> > > The 'next step', which I started at, would be to write an
> > > authentication-script for the jmx-connector, and use the bruteforce
> > > library to perform credentials guessing against the jmx service. I
> > > abandoned it for other things (as I recall it, authentication is a
> > > multistep process where the return values of the first call must be
> > > handled correctly - which was not trivial. Writing a bruteforcer based
> > > on java seemed much more logical, so I kind of let it go) - but I may
> > > make another effort, it would be pretty cool to have around.
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Sent through the nmap-dev mailing list
> > > http://cgi.insecure.org/mailman/listinfo/nmap-dev
> > > Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/