This is probably (along with rmg) the most comprehensive, clean and detailed JMX/RMI attack tool I have ever seen. It is very comprehensive, and the code is just very readable. I just wanted to cheer you up, mate, because this has helped me land a few shells that I would have missed either because the tools were lacking support, or because the documentation was missing vital information.
Now about the code itself: I find myself frequently in the situation where I am trying to find attributes or methods along the loaded MBeans that would be useful in an attacker's position. Before taking time for a PR, would you be interested in a module that would take a list of JMX service URLs as input, attempt to connect to each of these, and recursively enumerate attributes and methods? That would make it very easy to grep for passwords, keystores, paths, URLs, etc. across bigger scopes, not to mention some JMX servers have a pretty extensive list of MBeans and it's usually annoying to grab all the info manually.
Thoughts?