rmi-vuln-classloader
脚本使用类型:
portrule
脚本所属分类:
intrusive, vuln
脚本下载地址: http://nmap.org/svn/scripts/rmi-vuln-classloader.nse
Tests whether Java rmiregistry allows class loading. The default configuration of rmiregistry allows loading classes from remote URLs, which can lead to remote code execution. The vendor (Oracle/Sun) classifies this as a design feature.
Based on original Metasploit module by mihi.
References:
执行格式
nmap --script=rmi-vuln-classloader -p 1099 <target>
PORT STATE SERVICE 1099/tcp open rmiregistry | rmi-vuln: | VULNERABLE: | RMI registry default configuration remote code execution vulnerability | State: VULNERABLE | Description: | Default configuration of RMI registry allows loading classes from remote URLs which can lead to remote code executeion. | | References: |_ http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/java_rmi_server.rb
Author: Aleksandar Nikolic
License: VER007 整理 http://www.ver007.com