diff --git a/CHANGELOG.md b/CHANGELOG.md index eaf9175..723073e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [4.3.1] - Sep 19, 2022 + +### Changed + +* Updated snakeyaml dependency to `v1.32` +* Changed the default *ysoserial* path to `/opt/ysoserial.jar` +* Typofix `enmeration` -> `enumeration` + + ## [4.3.0] - May 11, 2022 ### Added diff --git a/README.md b/README.md index 0bb0365..a3caf3a 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![](https://github.com/qtc-de/remote-method-guesser/workflows/master%20maven%20CI/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master.yml) [![](https://github.com/qtc-de/remote-method-guesser/workflows/develop%20maven%20CI/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop.yml) -[![](https://img.shields.io/badge/version-4.3.0-blue)](https://github.com/qtc-de/remote-method-guesser/releases) +[![](https://img.shields.io/badge/version-4.3.1-blue)](https://github.com/qtc-de/remote-method-guesser/releases) [![](https://img.shields.io/badge/build%20system-maven-blue)](https://maven.apache.org/) ![](https://img.shields.io/badge/java-8%2b-blue) [![](https://img.shields.io/badge/license-GPL%20v3.0-blue)](https://github.com/qtc-de/remote-method-guesser/blob/master/LICENSE) @@ -344,7 +344,7 @@ page](./docs/rmg/actions.md#enum). [+] - DGC rejected deserialization of java.util.HashMap (JEP290 is installed). [+] Vulnerability Status: Non Vulnerable [+] -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable diff --git a/docker/example-server/README.md b/docker/example-server/README.md index 9c0315a..c8d0d46 100644 
--- a/docker/example-server/README.md +++ b/docker/example-server/README.md @@ -78,7 +78,7 @@ The registry on port `1090` is *SSL* protected and contains three available boun [+] - DGC rejected deserialization of java.util.HashMap (JEP290 is installed). [+] Vulnerability Status: Non Vulnerable [+] -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable @@ -144,7 +144,7 @@ The registry on port `1098` hosts an *Activation System* and has some *activatab [+] - DGC rejected deserialization of java.util.HashMap (JEP290 is installed). [+] Vulnerability Status: Non Vulnerable [+] -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable @@ -210,7 +210,7 @@ registry port binds an *RMI Activator instance*, but not a full working *Activat [+] - DGC rejected deserialization of java.util.HashMap (JEP290 is installed). [+] Vulnerability Status: Non Vulnerable [+] -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable diff --git a/docs/rmg/actions.md b/docs/rmg/actions.md index 3b416d6..f207300 100644 --- a/docs/rmg/actions.md +++ b/docs/rmg/actions.md @@ -506,7 +506,7 @@ From localhost, you can also enumerate servers that use ``readString``, by using ```console [qtc@devbox ~]$ rmg enum 172.17.0.2 9010 --scan-action filter-bypass -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerabl 
@@ -757,7 +757,7 @@ The following output shows an example for the ``filter-bypass`` action: ```console [qtc@devbox ~]$ rmg enum 127.0.0.1 1090 --ssrf --gopher --encode --scan-action filter-bypass -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] SSRF Payload: gopher%3A%2F%2F127.0.0.1%3A1090%2F_%254a%2552%254d%2549%2500%2502%254b%2500%2509%2531%2532%2537%252e%2530%252e%2531%252e%2531%2500%2500%2500%2500%2550%25ac%25ed%2500%2505%2577%2522%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2502%2544%2515%254d%25c9%25d4%25e6%253b%25df%2573%2572%2500%2523%256a%2561%2576%2561%252e%2572%256d%2569%252e%2573%2565%2572%2576%2565%2572%252e%2555%256e%2569%2563%2561%2573%2574%2552%2565%256d%256f%2574%2565%254f%2562%256a%2565%2563%2574%2545%2509%2512%2515%25f5%25e2%257e%2531%2502%2500%2503%2549%2500%2504%2570%256f%2572%2574%254c%2500%2503%2563%2573%2566%2574%2500%2528%254c%256a%2561%2576%2561%252f%2572%256d%2569%252f%2573%2565%2572%2576%2565%2572%252f%2552%254d%2549%2543%256c%2569%2565%256e%2574%2553%256f%2563%256b%2565%2574%2546%2561%2563%2574%256f%2572%2579%253b%254c%2500%2503%2573%2573%2566%2574%2500%2528%254c%256a%2561%2576%2561%252f%2572%256d%2569%252f%2573%2565%2572%2576%2565%2572%252f%2552%254d%2549%2553%2565%2572%2576%2565%2572%2553%256f%2563%256b%2565%2574%2546%2561%2563%2574%256f%2572%2579%253b%2570%2578%2572%2500%251c%256a%2561%2576%2561%252e%2572%256d%2569%252e%2573%2565%2572%2576%2565%2572%252e%2552%2565%256d%256f%2574%2565%2553%2565%2572%2576%2565%2572%25c7%2519%2507%2512%2568%25f3%2539%25fb%2502%2500%2500%2570%2578%2572%2500%251c%256a%2561%2576%2561%252e%2572%256d%2569%252e%2573%2565%2572%2576%2565%2572%252e%2552%2565%256d%256f%2574%2565%254f%2562%256a%2565%2563%2574%25d3%2561%25b4%2591%250c%2561%2533%251e%2503%2500%2500%2570%2578%2570%2577%2513%2500%2511%2555%256e%2569%2563%2561%2573%2574%2553%2565%2572%2576%2565%2572%2552%2565%2566%2532%2578%25
00%2500%2500%2500%2570%2573%257d%2500%2500%2500%2502%2500%2526%256a%2561%2576%2561%252e%2572%256d%2569%252e%2573%2565%2572%2576%2565%2572%252e%2552%254d%2549%2553%2565%2572%2576%2565%2572%2553%256f%2563%256b%2565%2574%2546%2561%2563%2574%256f%2572%2579%2500%250f%256a%2561%2576%2561%252e%2572%256d%2569%252e%2552%2565%256d%256f%2574%2565%2570%2578%2572%2500%2517%256a%2561%2576%2561%252e%256c%2561%256e%2567%252e%2572%2565%2566%256c%2565%2563%2574%252e%2550%2572%256f%2578%2579%25e1%2527%25da%2520%25cc%2510%2543%25cb%2502%2500%2501%254c%2500%2501%2568%2574%2500%2525%254c%256a%2561%2576%2561%252f%256c%2561%256e%2567%252f%2572%2565%2566%256c%2565%2563%2574%252f%2549%256e%2576%256f%2563%2561%2574%2569%256f%256e%2548%2561%256e%2564%256c%2565%2572%253b%2570%2578%2570%2573%2572%2500%252d%256a%2561%2576%2561%252e%2572%256d%2569%252e%2573%2565%2572%2576%2565%2572%252e%2552%2565%256d%256f%2574%2565%254f%2562%256a%2565%2563%2574%2549%256e%2576%256f%2563%2561%2574%2569%256f%256e%2548%2561%256e%2564%256c%2565%2572%2500%2500%2500%2500%2500%2500%2500%2502%2502%2500%2500%2570%2578%2571%2500%257e%2500%2504%2577%2532%2500%250a%2555%256e%2569%2563%2561%2573%2574%2552%2565%2566%2500%2509%2531%2532%2537%252e%2530%252e%2530%252e%2531%2500%2512%25d6%2587%2500%2500%2500%2500%2500%2500%2500%257b%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2500%2578 
@@ -765,7 +765,7 @@ The following output shows an example for the ``filter-bypass`` action: 4e00093132372e302e302e310000c49651aced0005770f02c95068b90000017d8947959b800f737200226a6176612e6c616e672e496c6c6567616c417267756d656e74457863657074696f6eb58973d37d668fbc02000074002f687474703a2f2f6c6f63616c686f73743a383030302f726d692d636c6173732d646566696e6974696f6e732e6a61727872001a6a6176612e6c616e672e52756e74696d65457863657074696f6e9e5f06470a3483e502000071007e0001787200136a6176612e6c616e672e457863657074696f6ed0fd1f3e1a3b1cc402000071007e0001787200136a6176612e6c616e672e5468726f7761626c65d5c635273977b8cb0300044c000563617573657400154c6a6176612f6c616e672f5468726f7761626c653b4c000d64657461696c4d6573736167657400124c6a6176612f6c616e672f537472696e673b5b000a737461636b547261636574001e5b4c6a6176612f6c616e672f537461636b5472616365456c656d656e743b4c001473757070726573736564457863657074696f6e737400104c6a6176612f7574696c2f4c6973743b71007e0001787071007e0009740019706f7274206f7574206f662072616e67653a313233343536377572001e5b4c6a6176612e6c616e672e537461636b5472616365456c656d656e743b02462a3c3cfd223902000071007e000178700000002d7372001b6a6176612e6c616e672e537461636b5472616365456c656d656e746109c59a2636dd85020008420006666f726d617449000a6c696e654e756d6265724c000f636c6173734c6f616465724e616d6571007e00064c000e6465636c6172696e67436c61737371007e00064c000866696c654e616d6571007e00064c000a6d6574686f644e616d6571007e00064c000a6d6f64756c654e616d6571007e00064c000d6d6f64756c6556657273696f6e71007e000671007e0001787002ffffffff7074001a6a6176612e6e65742e496e6574536f636b65744164647265737370740009636865636b506f72747400096a6176612e62617365740005392e302e347371007e000d02ffffffff7071007e000f707400063c696e69743e71007e001171007e00127371007e000d02ffffffff7074000f6a6176612e6e65742e536f636b65747071007e001471007e001171007e00127371007e000d010000001674000361707074003164652e7174632e726d672e7365727665722e737372662e726d692e4c6f63616c686f7374536f636b6574466163746f727974001b4c6f63616c686f7374536f636b6574466163746f72792e6a61766174000c637265
617465536f636b657470707371007e000d02ffffffff7074002173756e2e726d692e7472616e73706f72742e7463702e544350456e64706f696e74707400096e6577536f636b65747400086a6176612e726d6971007e00127371007e000d02ffffffff7074002073756e2e726d692e7472616e73706f72742e7463702e5443504368616e6e656c70740010637265617465436f6e6e656374696f6e71007e001f71007e00127371007e000d02ffffffff7071007e00217074000d6e6577436f6e6e656374696f6e71007e001f71007e00127371007e000d02ffffffff7074001973756e2e726d692e7365727665722e556e696361737452656670740006696e766f6b6571007e001f71007e00127371007e000d02ffffffff7074002d6a6176612e726d692e7365727665722e52656d6f74654f626a656374496e766f636174696f6e48616e646c657270740012696e766f6b6552656d6f74654d6574686f6471007e001f71007e00127371007e000d02ffffffff7071007e00297071007e002771007e001f71007e00127371007e000d01ffffffff740008706c6174666f726d740015636f6d2e73756e2e70726f78792e2450726f78793370740012637265617465536572766572536f636b657470707371007e000d02ffffffff7071007e001d7074000f6e6577536572766572536f636b657471007e001f71007e00127371007e000d02ffffffff7074002273756e2e726d692e7472616e73706f72742e7463702e5443505472616e73706f7274707400066c697374656e71007e001f71007e00127371007e000d02ffffffff7071007e00337074000c6578706f72744f626a65637471007e001f71007e00127371007e000d02ffffffff7071007e001d7071007e003671007e001f71007e00127371007e000d02ffffffff7074001973756e2e726d692e7472616e73706f72742e4c6976655265667071007e003671007e001f71007e00127371007e000d02ffffffff7074001f73756e2e726d692e7365727665722e556e69636173745365727665725265667071007e003671007e001f71007e00127371007e000d02ffffffff707400236a6176612e726d692e7365727665722e556e696361737452656d6f74654f626a6563747071007e003671007e001f71007e00127371007e000d02ffffffff7071007e003d7071007e003671007e001f71007e00127371007e000d02ffffffff7071007e003d7074000872656578706f727471007e001f71007e00127371007e000d02ffffffff7071007e003d7074000a726561644f626a65637471007e001f71007e00127371007e000d02fffffffe7074002d6a646b2e696e7465726e616c2e7265666c6563742e4e61746976654d6574686f64
4163636573736f72496d706c70740007696e766f6b653071007e001171007e00127371007e000d02ffffffff7071007e00447071007e002771007e001171007e00127371007e000d02ffffffff707400316a646b2e696e7465726e616c2e7265666c6563742e44656c65676174696e674d6574686f644163636573736f72496d706c7071007e002771007e001171007e00127371007e000d02ffffffff707400186a6176612e6c616e672e7265666c6563742e4d6574686f647071007e002771007e001171007e00127371007e000d02ffffffff707400196a6176612e696f2e4f626a65637453747265616d436c61737370740010696e766f6b65526561644f626a65637471007e001171007e00127371007e000d02ffffffff707400196a6176612e696f2e4f626a656374496e70757453747265616d7074000e7265616453657269616c4461746171007e001171007e00127371007e000d02ffffffff7071007e004f70740012726561644f7264696e6172794f626a65637471007e001171007e00127371007e000d02ffffffff7071007e004f7074000b726561644f626a6563743071007e001171007e00127371007e000d02ffffffff7071007e004f7071007e004271007e001171007e00127371007e000d02ffffffff7074002273756e2e726d692e72656769737472792e5265676973747279496d706c5f536b656c70740008646973706174636871007e001f71007e00127371007e000d02ffffffff7071007e003b7074000b6f6c64446973706174636871007e001f71007e00127371007e000d02ffffffff7071007e003b7071007e005871007e001f71007e00127371007e000d02ffffffff7074001d73756e2e726d692e7472616e73706f72742e5472616e73706f727424317074000372756e71007e001f71007e00127371007e000d02ffffffff7071007e005d7071007e005e71007e001f71007e00127371007e000d02fffffffe7074001e6a6176612e73656375726974792e416363657373436f6e74726f6c6c65727074000c646f50726976696c6567656471007e001171007e00127371007e000d02ffffffff7074001b73756e2e726d692e7472616e73706f72742e5472616e73706f72747074000b7365727669636543616c6c71007e001f71007e00127371007e000d02ffffffff7071007e00337074000e68616e646c654d6573736167657371007e001f71007e00127371007e000d02ffffffff7074003473756e2e726d692e7472616e73706f72742e7463702e5443505472616e73706f727424436f6e6e656374696f6e48616e646c65727074000472756e3071007e001f71007e00127371007e000d02ffffffff7071007e00697074000c6c616d6264612472
756e243071007e001f71007e00127371007e000d02fffffffe7071007e00617071007e006271007e001171007e00127371007e000d02ffffffff7071007e00697071007e005e71007e001f71007e00127371007e000d02ffffffff707400276a6176612e7574696c2e636f6e63757272656e742e546872656164506f6f6c4578656375746f727074000972756e576f726b657271007e001171007e00127371007e000d02ffffffff7074002e6a6176612e7574696c2e636f6e63757272656e742e546872656164506f6f6c4578656375746f7224576f726b65727071007e005e71007e001171007e00127371007e000d02ffffffff707400106a6176612e6c616e672e5468726561647071007e005e71007e001171007e00127372001f6a6176612e7574696c2e436f6c6c656374696f6e7324456d7074794c6973747ab817b43ca79ede02000071007e0001787078 [qtc@devbox ~]$ rmg enum 127.0.0.1 1090 --scan-action filter-bypass --ssrf-response 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 -[+] RMI registry JEP290 bypass enmeration: +[+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable diff --git a/pom.xml b/pom.xml index 72497e0..2052ab8 100644 --- a/pom.xml +++ b/pom.xml @@ -8,7 +8,7 @@ remote-method-guesser remote-method-guesser jar - 4.3.0 + 4.3.1 Identify common misconfigurations on Java RMI endpoints @@ -40,7 +40,7 @@ org.yaml snakeyaml - 1.29 + 1.32 diff --git a/src/config.properties b/src/config.properties index f66f486..53ec67a 100644 --- a/src/config.properties +++ b/src/config.properties @@ -60,7 +60,7 @@ argument_pos = -1 no_canary = false no_progress = false threads = 5 -yso = /opt/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar +yso = /opt/ysoserial.jar dgc_method = clean reg_method = lookup diff --git a/src/de/qtc/rmg/operations/RegistryClient.java b/src/de/qtc/rmg/operations/RegistryClient.java index 5a7b219..b4d93c0 100644 --- a/src/de/qtc/rmg/operations/RegistryClient.java +++ b/src/de/qtc/rmg/operations/RegistryClient.java 
@@ -475,7 +475,7 @@ public void enumLocalhostBypass() */ public void enumJEP290Bypass(String regMethod, boolean localhostBypass, boolean marshal) { - Logger.printlnBlue("RMI registry JEP290 bypass enmeration:"); + Logger.printlnBlue("RMI registry JEP290 bypass enumeration:"); Logger.lineBreak(); Logger.increaseIndent(); diff --git a/tests/jdk11/tests/enum.yml b/tests/jdk11/tests/enum.yml index 1a81e1c..bca52f9 100644 --- a/tests/jdk11/tests/enum.yml +++ b/tests/jdk11/tests/enum.yml @@ -152,7 +152,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - RMI registry uses readString() for unmarshalling java.lang.String. [+] This prevents JEP 290 bypass enumeration from remote. @@ -267,7 +267,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - RMI registry uses readString() for unmarshalling java.lang.String. [+] This prevents JEP 290 bypass enumeration from remote. @@ -383,7 +383,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - RMI registry uses readString() for unmarshalling java.lang.String. [+] This prevents JEP 290 bypass enumeration from remote. diff --git a/tests/jdk8/tests/enum.yml b/tests/jdk8/tests/enum.yml index a023e50..f828c29 100644 --- a/tests/jdk8/tests/enum.yml +++ b/tests/jdk8/tests/enum.yml @@ -156,7 +156,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable 
@@ -273,7 +273,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable @@ -391,7 +391,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable diff --git a/tests/jdk9/tests/enum.yml b/tests/jdk9/tests/enum.yml index ba38130..d5b29cd 100644 --- a/tests/jdk9/tests/enum.yml +++ b/tests/jdk9/tests/enum.yml @@ -156,7 +156,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable @@ -273,7 +273,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable @@ -391,7 +391,7 @@ tests: ignore_case: True values: - |- - [+] RMI registry JEP290 bypass enmeration: + [+] RMI registry JEP290 bypass enumeration: [+] [+] - Caught IllegalArgumentException after sending An Trinh gadget. [+] Vulnerability Status: Vulnerable diff --git a/tests/tricot.yml b/tests/tricot.yml index 4792bd6..905f8d4 100644 --- a/tests/tricot.yml +++ b/tests/tricot.yml @@ -7,7 +7,7 @@ tester: requires: files: - - /opt/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar + - /opt/ysoserial.jar commands: - bash - beanshooter @@ -18,7 +18,7 @@ tester: ge: 1.9.0 variables: - rmg: rmg-4.3.0-jar-with-dependencies.jar + rmg: rmg-4.3.1-jar-with-dependencies.jar volume: /tmp/rmg-tricot-test/ volume-d: /rce/ codebase-class: CodebaseTest
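Review bot: in the CHANGELOG.md hunk, the `[4.3.1]` bullet for the snakeyaml update to `v1.32` gives no reason for the bump. If it was made for a security fix in the library, say so in the entry so that downstream packagers can prioritise the release; the matching pom.xml hunk (`1.29` to `1.32`) carries no comment either. The added block also ends with two blank lines before `## [4.3.0]`, where the rest of the new entry uses one.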
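Review bot: in the src/config.properties hunk, the `yso` default moves from `/opt/ysoserial/target/ysoserial-0.0.6-SNAPSHOT-all.jar` to `/opt/ysoserial.jar` with no fallback to the old location, so an existing install that only has the Maven build output will point at a nonexistent file after upgrading. The changelog bullet names only the new path; suggest it also state the previous default and that users either move the jar or set `yso` themselves.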
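Review bot: in the tests/tricot.yml hunk, `requires.files` now demands `/opt/ysoserial.jar`, but nothing else in this diff changes how the test environment provisions that file, so the suite will refuse to run wherever the jar is still at the old build path. Please confirm the test image or setup instructions place the jar at the new location. Separately, the release version is hand-edited in three places in this patch (the README badge, the pom.xml version and the `rmg: rmg-4.3.1-jar-with-dependencies.jar` variable here); deriving the test variable from the build would remove one place where a release can drift.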