all InfoSec news
Ermir - An Evil Java RMI Registry
Oct. 30, 2022, 11:30 a.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
Ermir is an Evil/Rogue RMI Registry, it exploits unsecure deserialization on any Java code calling standard RMI methods on it (list()/lookup()/bind()/rebind()/unbind()).
- Ruby v3 or newer.
Installation
Install Ermir from rubygems.org:
$ gem install ermir
or clone the repo and build the gem:
$ git clone https://github.com/hakivvi/ermir.git
$ rake install
Usage
Ermir is a cli gem, it comes with 2 cli files ermir and gadgetmarshal, ermir is the actual gem and the latter is just a pretty interface to GadgetMarshaller.java …
More from www.kitploit.com / KitPloit - PenTest Tools!
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)