Port 1098/1099- Pentesting Java RMI
Enumeration
Remote Method Guesser
Exploitation
https://github.com/BishopFox/rmiscout to explore and try to find RCE vulnerabilities. https://github.com/NickstaDB/BaRMIe to enumerate and attack
https://github.com/siberas/sjet allows an easy exploitation of insecure configured JMX services (I tried and It gave me Error: Can't connect to remote service
let me know if you know how to fix this issue).
Last updated