Skip to content
/ rmi-attack-demo Public

在学习Java反序列化漏洞的过程中,用来理解Java RMI程序的执行流程,演示如何攻击Java RMI程序的几个示例。

9 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fa1c0n1/rmi-attack-demo

BranchesTags

Repository files navigation

rmi-attack-demo

在学习Java反序列化漏洞的过程中,用来理解Java RMI程序的执行流程,演示如何攻击Java RMI程序的几个示例。

示例1:

1、运行RMI服务端 src/me/mole/javarmi/RMIServer.java
2、运行RMI客户端 src/me/mole/javarmi/RMIClient.java

示例2:

1、先在远程类ExportObject rmi-attack-demo/out/production/remote-class 目录下,通过Python开启一个Http服务: python -m http.server 8000
2、运行RMI服务端 src/me/mole/javarmi/RMIServer1.java
3、运行RMI客户端 src/me/mole/javarmi/RMIClient1.java

示例3:

1、先在远程类ExportObject1 rmi-attack-demo/out/production/remote-class 目录下,通过Python开启一个Http服务: python -m http.server 8000
2、运行RMI服务端 src/me/mole/javarmi/RMIServer2.java
3、运行RMI客户端 src/me/mole/javarmi/RMIClient2.java

About

在学习Java反序列化漏洞的过程中,用来理解Java RMI程序的执行流程,演示如何攻击Java RMI程序的几个示例。

Resources

Readme
Activity

Stars

9 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages