Module: Msf::Exploit::Remote::Java::Rmi::Client::Registry

Includes:: Builder, Parser

Included in:: Msf::Exploit::Remote::Java::Rmi::Client

Defined in:: lib/msf/core/exploit/remote/java/rmi/client/registry.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/parser.rb,
lib/msf/core/exploit/remote/java/rmi/client/registry/builder.rb

Overview

This mixin provides methods to simulate calls to the Java java/rmi/registry/RegistryImpl_Stub interface

Defined Under Namespace

Modules: Builder, Parser

Instance Method Summary collapse

#registry_interface_hash ⇒ Integer

Calculates the hash to make RMI calls for the java/rmi/registry/RegistryImpl_Stub interface.
#send_registry_list(opts = {}) ⇒ Array, NilClass

Sends a Registry list call to the RMI endpoint.
#send_registry_lookup(opts = {}) ⇒ Hash, NilClass

Sends a Registry lookup call to the RMI endpoint.

Methods included from Parser

#parse_registry_list, #parse_registry_lookup_endpoint

Methods included from Builder

#build_registry_list, #build_registry_lookup

Instance Method Details

#registry_interface_hash ⇒ `Integer`

Calculates the hash to make RMI calls for the java/rmi/registry/RegistryImpl_Stub interface

Returns:

(Integer) —

The interface's hash

# File 'lib/msf/core/exploit/remote/java/rmi/client/registry.rb', line 92

def registry_interface_hash
  hash = calculate_interface_hash(
    [
      {
        name: 'bind',
        descriptor: '(Ljava/lang/String;Ljava/rmi/Remote;)V',
        exceptions: ['java.rmi.AccessException', 'java.rmi.AlreadyBoundException', 'java.rmi.RemoteException']
      },
      {
        name: 'list',
        descriptor: '()[Ljava/lang/String;',
        exceptions: ['java.rmi.AccessException', 'java.rmi.RemoteException']
      },
      {
        name: 'lookup',
        descriptor: '(Ljava/lang/String;)Ljava/rmi/Remote;',
        exceptions: ['java.rmi.AccessException', 'java.rmi.NotBoundException', 'java.rmi.RemoteException']
      },
      {
        name: 'rebind',
        descriptor: '(Ljava/lang/String;Ljava/rmi/Remote;)V',
        exceptions: ['java.rmi.AccessException', 'java.rmi.RemoteException']
      },
      {
        name: 'unbind',
        descriptor: '(Ljava/lang/String;)V',
        exceptions: ['java.rmi.AccessException', 'java.rmi.NotBoundException', 'java.rmi.RemoteException']
      }
    ]
  )

  hash
end

#send_registry_list(opts = {}) ⇒ `Array`, `NilClass`

Sends a Registry list call to the RMI endpoint. Simulates a call to the Java java/rmi/registry/RegistryImpl_Stub#list() method

Parameters:

opts (Hash) (defaults to: {})

Options Hash (opts):

:sock (Rex::Socket::Tcp)

Returns:

(Array, NilClass) —

The set of names if success, nil otherwise

Raises:

(Rex::Proto::Rmi::Exception) —

if the endpoint raises a remote exception

#send_registry_lookup(opts = {}) ⇒ `Hash`, `NilClass`

Sends a Registry lookup call to the RMI endpoint. Simulates a call to the Java java/rmi/registry/RegistryImpl_Stub#lookup() method.

Parameters:

opts (Hash) (defaults to: {})

Options Hash (opts):

:sock (Rex::Socket::Tcp)

Returns:

(Hash, NilClass) —

The remote reference information if success, nil otherwise

Raises:

(Rex::Proto::Rmi::Exception) —

if the endpoint raises a remote exception

Module: Msf::Exploit::Remote::Java::Rmi::Client::Registry

Overview

Defined Under Namespace

Instance Method Summary collapse

Methods included from Parser

Methods included from Builder

Instance Method Details

#registry_interface_hash ⇒ Integer

#send_registry_list(opts = {}) ⇒ Array, NilClass

#send_registry_lookup(opts = {}) ⇒ Hash, NilClass

#registry_interface_hash ⇒ `Integer`

#send_registry_list(opts = {}) ⇒ `Array`, `NilClass`

#send_registry_lookup(opts = {}) ⇒ `Hash`, `NilClass`