File jdwp-info

脚本使用类型: portrule
脚本所属分类: default, safe, discovery
脚本下载地址: http://nmap.org/svn/scripts/jdwp-info.nse

User Summary

Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script injects and execute a Java class file that returns remote system information.

Example Usage

执行格式

nmap -sV -sC <target>

Requires

• bin
• io
• jdwp
• stdnse
• nmap
• shortport
• string

Author: Aleksandar Nikolic

License: VER007 整理 http://www.ver007.com

portrule

portrule (host, port)

Parameters

• host:
• port:

Usage:

nmap -sT <target> -p <port> --script=+jdwp-info