Coder Social home page Coder Social logo

Comments (4)

the-bumble avatar the-bumble commented on August 30, 2024 1

So, I did a little research. This appears to be a deprecated JBOSS JNDI service. I verified this via a local install of an older version of JBOSS (using https://hub.docker.com/r/paulosalgado/jboss5). This was the response I got from the 1099 port:

��srjava.rmi.MarshalledObject|���c�>IhashlocBytest[BobjBytesq~xp4m�ur[B��T�xp*��thttp://server:8083/q~q~uq~ì�sr org.jnp.server.NamingServer_Stubxr�java.rmi.server.RemoteStub���ɋ�e�xrjava.rmi.server.RemoteObject�a��
                 a3xpw7
  UnicastRef2
             9f704f1eadebJh��DAx/p$q�uv�1�=�x^C

References:

There wasn't much information, but from what I can find, this JNDI service provides a connection stub for other services. It's a non-JRMP service, not an rmiregistry, and I'm not sure if it's even an interactive service, so unfortunately RMIScout won't be able to help you with this endpoint. I believe it's targeted at JMX remote management and that 18083 port above may be a more interesting service.

There is some guidance on connecting to/attacking JMX services here:

Best of luck! :)

(Closing the ticket, as this particular service returns a JNDI stub and is not an RMI service.)

from rmiscout.

the-bumble avatar the-bumble commented on August 30, 2024

Hey @b4cktr4ck2,

Happy to help out! Could you try running java -jar rmiscout-1.4-SNAPSHOT-all.jar list <IP> <PORT>? RMIScout automatically bypasses cert validation, but that error could occur if there is unrecognized protocol (e.g., non-RMI). As the error message indicated, it's possible the remote service uses IIOP (usually runs on port 1050). You will need to run RMIScout with JRE 8 to use the IIOP feature.

If the above command, doesn't help. Try nmap --script rmi-dumpregistry <IP> -p <PORT> -Pn, which is the nmap equivalent.

Let me know what you find!

Jake

from rmiscout.

b4cktr4ck2 avatar b4cktr4ck2 commented on August 30, 2024

Hey Jake- sure thing! I ran the command you recommended and got the following message from rmiscout:

Server is offline or does not use RMI, RMI-SSL, or RMI-IIOP.

What's interesting is that the nmap script doesn't return any data either- the only way I can get data from this port is from the "Fingerprint-Strings" script, which returns:

PORT      STATE SERVICE     REASON  VERSION
11099/tcp open  java-object syn-ack Java Object Serialization
| fingerprint-strings: 
|   NULL: 
|     java.rmi.MarshalledObject|
|     hash[
|     locBytest
|     objBytesq
|     %http://HOSTNAME.LOCAL:18083/q
|     org.jnp.server.NamingServer_Stub
|     java.rmi.server.RemoteStub
|     java.rmi.server.RemoteObject
|     xpwB
|     UnicastRef2

Additionally, I noticed that when attempting to curl the host on port 11099, I receive an error message stating something about an sslv3 invalid handshake...I know my OpenSSL version was built without SSLV3 support- is it possible that this is the issue? The server doesn't support TLSv1.0 or anything newer than SSLv3.

Cheers!

from rmiscout.

b4cktr4ck2 avatar b4cktr4ck2 commented on August 30, 2024

Thanks for the insight Jake!

from rmiscout.

Related Issues (16)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.