Merge pull request #37 from qtc-de/develop

Prepare v4.3.1 Release
qtc-de · Sep 19, 2022 · 2cc574c · 2cc574c
2 parents 9d3984f + f8ccdb1
commit 2cc574c
Show file tree

Hide file tree

Showing 11 changed files with 32 additions and 23 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [4.3.1] - Sep 19, 2022
+
+### Changed
+
+* Updated snakeyaml dependency to `v1.32`
+* Changed the default *ysoserial* path to `/opt/ysoserial.jar`
+* Typofix `enmeration` -> `enumeration`
+
+
 ## [4.3.0] - May 11, 2022
 
 ### Added

diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 
 [![](https://github.com/qtc-de/remote-method-guesser/workflows/master%20maven%20CI/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master.yml)
 [![](https://github.com/qtc-de/remote-method-guesser/workflows/develop%20maven%20CI/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop.yml)
-[![](https://img.shields.io/badge/version-4.3.0-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
+[![](https://img.shields.io/badge/version-4.3.1-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
 [![](https://img.shields.io/badge/build%20system-maven-blue)](https://maven.apache.org/)
 ![](https://img.shields.io/badge/java-8%2b-blue)
 [![](https://img.shields.io/badge/license-GPL%20v3.0-blue)](https://github.com/qtc-de/remote-method-guesser/blob/master/LICENSE)
@@ -344,7 +344,7 @@ page](./docs/rmg/actions.md#enum).
 [+]   - DGC rejected deserialization of java.util.HashMap (JEP290 is installed).
 [+]     Vulnerability Status: Non Vulnerable
 [+]
-[+] RMI registry JEP290 bypass enmeration:
+[+] RMI registry JEP290 bypass enumeration:
 [+]
 [+]   - Caught IllegalArgumentException after sending An Trinh gadget.
 [+]     Vulnerability Status: Vulnerable

diff --git a/docker/example-server/README.md b/docker/example-server/README.md
@@ -78,7 +78,7 @@ The registry on port `1090` is *SSL* protected and contains three available boun
 [+] 	- DGC rejected deserialization of java.util.HashMap (JEP290 is installed).
 [+] 	  Vulnerability Status: Non Vulnerable
 [+]
-[+] RMI registry JEP290 bypass enmeration:
+[+] RMI registry JEP290 bypass enumeration:
 [+]
 [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
 [+] 	  Vulnerability Status: Vulnerable
@@ -144,7 +144,7 @@ The registry on port `1098` hosts an *Activation System* and has some *activatab
 [+] 	- DGC rejected deserialization of java.util.HashMap (JEP290 is installed).
 [+] 	  Vulnerability Status: Non Vulnerable
 [+]
-[+] RMI registry JEP290 bypass enmeration:
+[+] RMI registry JEP290 bypass enumeration:
 [+]
 [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
 [+] 	  Vulnerability Status: Vulnerable
@@ -210,7 +210,7 @@ registry port binds an *RMI Activator instance*, but not a full working *Activat
 [+] 	- DGC rejected deserialization of java.util.HashMap (JEP290 is installed).
 [+] 	  Vulnerability Status: Non Vulnerable
 [+]
-[+] RMI registry JEP290 bypass enmeration:
+[+] RMI registry JEP290 bypass enumeration:
 [+]
 [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
 [+] 	  Vulnerability Status: Vulnerable

diff --git a/docs/rmg/actions.md b/docs/rmg/actions.md
diff --git a/pom.xml b/pom.xml
@@ -8,7 +8,7 @@
     <artifactId>remote-method-guesser</artifactId>
     <name>remote-method-guesser</name>
     <packaging>jar</packaging>
-    <version>4.3.0</version>
+    <version>4.3.1</version>
     <description>Identify common misconfigurations on Java RMI endpoints</description>
 
     <properties>
@@ -40,7 +40,7 @@
         <dependency>
             <groupId>org.yaml</groupId>
             <artifactId>snakeyaml</artifactId>
-            <version>1.29</version>
+            <version>1.32</version>
         </dependency>
 
     </dependencies>

diff --git a/src/config.properties b/src/config.properties
@@ -60,7 +60,7 @@ argument_pos = -1
 no_canary = false
 no_progress = false
 threads = 5
-yso = /opt/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar
+yso = /opt/ysoserial.jar
 dgc_method = clean
 reg_method = lookup
 

diff --git a/src/de/qtc/rmg/operations/RegistryClient.java b/src/de/qtc/rmg/operations/RegistryClient.java
@@ -475,7 +475,7 @@ public void enumLocalhostBypass()
      */
     public void enumJEP290Bypass(String regMethod, boolean localhostBypass, boolean marshal)
     {
-        Logger.printlnBlue("RMI registry JEP290 bypass enmeration:");
+        Logger.printlnBlue("RMI registry JEP290 bypass enumeration:");
         Logger.lineBreak();
         Logger.increaseIndent();
 

diff --git a/tests/jdk11/tests/enum.yml b/tests/jdk11/tests/enum.yml
@@ -152,7 +152,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- RMI registry uses readString() for unmarshalling java.lang.String.
               [+] 	  This prevents JEP 290 bypass enumeration from remote.
@@ -267,7 +267,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- RMI registry uses readString() for unmarshalling java.lang.String.
               [+] 	  This prevents JEP 290 bypass enumeration from remote.
@@ -383,7 +383,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- RMI registry uses readString() for unmarshalling java.lang.String.
               [+] 	  This prevents JEP 290 bypass enumeration from remote.

diff --git a/tests/jdk8/tests/enum.yml b/tests/jdk8/tests/enum.yml
@@ -156,7 +156,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable
@@ -273,7 +273,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable
@@ -391,7 +391,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable

diff --git a/tests/jdk9/tests/enum.yml b/tests/jdk9/tests/enum.yml
@@ -156,7 +156,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable
@@ -273,7 +273,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable
@@ -391,7 +391,7 @@ tests:
           ignore_case: True
           values:
             - |-
-              [+] RMI registry JEP290 bypass enmeration:
+              [+] RMI registry JEP290 bypass enumeration:
               [+]
               [+] 	- Caught IllegalArgumentException after sending An Trinh gadget.
               [+] 	  Vulnerability Status: Vulnerable

diff --git a/tests/tricot.yml b/tests/tricot.yml
@@ -7,7 +7,7 @@ tester:
 
   requires:
       files:
-        - /opt/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar
+        - /opt/ysoserial.jar
       commands:
         - bash
         - beanshooter
@@ -18,7 +18,7 @@ tester:
         ge: 1.9.0
 
 variables:
-  rmg: rmg-4.3.0-jar-with-dependencies.jar
+  rmg: rmg-4.3.1-jar-with-dependencies.jar
   volume: /tmp/rmg-tricot-test/
   volume-d: /rce/
   codebase-class: CodebaseTest