Releases: BishopFox/rmiscout
Releases · BishopFox/rmiscout
v1.4
- Added RMI-IIOP support
- Added invoke mode
- Added automatic protocol selection for RMI-JRMP, activation stubs, and SSL
- Added automatic localhost bypass technique
- Added multi-protocol Docker demo
- More helpful error messages
- Various bug fixes
Accompanying blog post: https://labs.bishopfox.com/tech-blog/lessons-learned-on-brute-forcing-rmi-iiop-with-rmiscout
v1.03
Bug fixes and improved UX
- Core: Fixed broken exploit/probe functionality from adding activation-server support
- UX: Added method signature auto-correction, more error messages, improved details on error messages
- UX: [INFO]/[ERROR] prefixes + red/green highlighting for log messages
v1.02
- Added SSL Support: attempts cleartext connection and automatically fallsback to an non-validating SSL connection to make best effort connection. This way users don't have to deal with keystores/validation, etc. for bruteforcing XD
v1.01
- Fixed bugs with retrieving remote interface names
- Added support for servers using RMI Activation (--activation-server)
- Added unsafe support to bruteforcing (--allow-unsafe)
v1.0
Release commit