Re: Java RMI service finderprint?

[Gabriel Lawrence <gabriel.lawrence () gmail com>]

> Hm. I'm not sure if I understand you completely. To my understanding, most
> normal applications which use rmi uses a regular rmi registry. The
> registry contains
> an object called "jmx-connector". See the first output-example in the
> source code (does not 'survive' into the nsedoc, I just noticed - only
> the last @output makes it):
> http://nmap.org/svn/scripts/rmi-dumpregistry.nse
If you look at how to set up tomcat for remote management:

They are encouraging people to pick arbitrary an arbitrary port for the
registry that supports the management interface. Probably to keep
it separate from a registry used to support RMI in a servlet...

 set CATALINA_OPTS=-Dcom.sun.management.jmxremote \
    -Dcom.sun.management.jmxremote.port=%my.jmx.port% \
    -Dcom.sun.management.jmxremote.ssl=false \
    -Dcom.sun.management.jmxremote.authenticate=false

From:

http://tomcat.apache.org/tomcat-7.0-doc/monitoring.html

The real  world use of this i'm seeing is that people are picking some
random 8k port for this.

I'm going to play a bit with getting the RMI code you've got there to auth
against JMX. Will let you know if it materializes into anything.

gabe
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/