Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Java RMI service finderprint?
From: Gabriel Lawrence <gabriel.lawrence () gmail com>
Date: Tue, 14 Jun 2011 11:22:55 -0700



Hm. I'm not sure if I understand you completely. To my understanding, most
normal applications which use rmi uses a regular rmi registry. The
registry contains
an object called "jmx-connector". See the first output-example in the
source code (does not 'survive' into the nsedoc, I just noticed - only
the last @output makes it):
http://nmap.org/svn/scripts/rmi-dumpregistry.nse


If you look at how to set up tomcat for remote management:

They are encouraging people to pick arbitrary an arbitrary port for the
registry that supports the management interface. Probably to keep
it separate from a registry used to support RMI in a servlet...

 set CATALINA_OPTS=-Dcom.sun.management.jmxremote \
    -Dcom.sun.management.jmxremote.port=%my.jmx.port% \
    -Dcom.sun.management.jmxremote.ssl=false \
    -Dcom.sun.management.jmxremote.authenticate=false

From:

http://tomcat.apache.org/tomcat-7.0-doc/monitoring.html

The real  world use of this i'm seeing is that people are picking some
random 8k port for this.

I'm going to play a bit with getting the RMI code you've got there to auth
against JMX. Will let you know if it materializes into anything.

gabe
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]