Merge pull request #50 from qtc-de/develop

Prepare v4.4.1 Release
qtc-de · Jun 22, 2023 · 86f4ca6 · 86f4ca6
2 parents 16a1d1a + 0d2ff9a
commit 86f4ca6
Show file tree

Hide file tree

Showing 47 changed files with 157 additions and 124 deletions.
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,20 @@
+<!--
+
+Hi there :)
+
+thank you for contributing to remote-method-guesser <3 Please make sure that you used
+the development branch on your fork to commit your changes and to target the development
+branch of remote-method-guesser for this pull request.
+
+If you already commited to the main branch, you can cherry-pick your commits to the
+development branch instead:
+
+```console
+$ git log  # copy the corresponding commit IDs
+$ git checkout develop
+$ git cherry-pick <commit1>
+$ git cherry-pick <commit2>
+$ ...
+```
+
+-->
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,18 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [4.4.1] - Jun 22, 2023
+
+### Added
+
+* Add pull request template (see #46)
+
+### Changed
+
+* Fix many typos (see #46)
+* Improve *rmg*s Java16+ compatibility (see #49)
+
+
 ## [4.4.0] - Jan 19, 2023
 
 ### Changed

diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 
 [![](https://github.com/qtc-de/remote-method-guesser/workflows/master%20maven%20CI/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master.yml)
 [![](https://github.com/qtc-de/remote-method-guesser/workflows/develop%20maven%20CI/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop.yml)
-[![](https://img.shields.io/badge/version-4.4.0-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
+[![](https://img.shields.io/badge/version-4.4.1-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
 [![](https://img.shields.io/badge/build%20system-maven-blue)](https://maven.apache.org/)
 ![](https://img.shields.io/badge/java-8%2b-blue)
 [![](https://img.shields.io/badge/license-GPL%20v3.0-blue)](https://github.com/qtc-de/remote-method-guesser/blob/master/LICENSE)

diff --git a/docker/example-server/resources/server/src/de/qtc/rmg/server/utils/Logger.java b/docker/example-server/resources/server/src/de/qtc/rmg/server/utils/Logger.java
@@ -207,7 +207,7 @@ public static void eprintlnMixedBlueFirst(String first, String second)
         elog(eprefix() + blue(first) + " " + second);
     }
 
-    public static void erintlnMixedBlueFirst(String first, String second, String third)
+    public static void eprintlnMixedBlueFirst(String first, String second, String third)
     {
         elog(eprefix() + blue(first) + " " + second + " " + blue(third));
     }
@@ -297,7 +297,7 @@ public static void eprintMixedBlueFirst(String first, String second)
         elog(eprefix() + blue(first) + " " + second, false);
     }
 
-    public static void erintMixedBlueFirst(String first, String second, String third)
+    public static void eprintMixedBlueFirst(String first, String second, String third)
     {
         elog(eprefix() + blue(first) + " " + second + " " + blue(third), false);
     }

diff --git a/docker/ssrf-server/resources/server/src/de/qtc/rmg/server/ssrf/rmi/FileManager.java b/docker/ssrf-server/resources/server/src/de/qtc/rmg/server/ssrf/rmi/FileManager.java
@@ -78,7 +78,7 @@ public String write(String file, byte[] content) throws RemoteException, IOExcep
      *
      * @param src Source location to copy a file from
      * @param dest Destination location to copy a file to
-     * @return Status information whether the copy operation was successfull.
+     * @return Status information whether the copy operation was successful.
      */
     @Override
     public String copy(String src, String dest) throws RemoteException, IOException, InterruptedException

diff --git a/docker/ssrf-server/resources/server/src/de/qtc/rmg/server/ssrf/utils/Logger.java b/docker/ssrf-server/resources/server/src/de/qtc/rmg/server/ssrf/utils/Logger.java
@@ -207,7 +207,7 @@ public static void eprintlnMixedBlueFirst(String first, String second)
         elog(eprefix() + blue(first) + " " + second);
     }
 
-    public static void erintlnMixedBlueFirst(String first, String second, String third)
+    public static void eprintlnMixedBlueFirst(String first, String second, String third)
     {
         elog(eprefix() + blue(first) + " " + second + " " + blue(third));
     }
@@ -297,7 +297,7 @@ public static void eprintMixedBlueFirst(String first, String second)
         elog(eprefix() + blue(first) + " " + second, false);
     }
 
-    public static void erintMixedBlueFirst(String first, String second, String third)
+    public static void eprintMixedBlueFirst(String first, String second, String third)
     {
         elog(eprefix() + blue(first) + " " + second + " " + blue(third), false);
     }

diff --git a/pom.xml b/pom.xml
@@ -8,7 +8,7 @@
     <artifactId>remote-method-guesser</artifactId>
     <name>remote-method-guesser</name>
     <packaging>jar</packaging>
-    <version>4.4.0</version>
+    <version>4.4.1</version>
     <description>Identify common misconfigurations on Java RMI endpoints</description>
 
     <properties>
@@ -87,6 +87,7 @@
                     <manifestEntries>
                         <Add-Opens>
                             java.base/java.io
+                            java.base/java.lang
                             java.base/java.lang.reflect
                             java.base/jdk.internal.misc
                             java.rmi/java.rmi.server

diff --git a/resources/templates/SampleTemplate.java b/resources/templates/SampleTemplate.java
@@ -58,7 +58,7 @@ public static void main(String[] argv) {
          * Setup the default ssl.SocketFactory. The DummyTrustManager is a trust manager
          * that skips certificate verification. The SSLSocketFactory needs to be a public
          * class. To make the code self contained, the current class is implementing this
-         * interface and implements the same redirection funcationality as the
+         * interface and implements the same redirection functionality as the
          * LoopbackSocketFactory.
          */
         try {

diff --git a/src/de/qtc/rmg/endpoints/KnownEndpointHolder.java b/src/de/qtc/rmg/endpoints/KnownEndpointHolder.java
@@ -8,7 +8,7 @@
 
 /**
  * The KnownEndpointHolder is a helper class to work with KnownEndpoints. It is responsible
- * to create the list of KnownEndpoints from the known-endpoins.yml file that is contained
+ * to create the list of KnownEndpoints from the known-endpoints.yml file that is contained
  * within the remote-method-guesser .jar file. Furthermore, it can be used to perform certain
  * operations on the list, like checking whether a KnownEndpoint exists in the list or returning
  * a KnownEndpoint by name.
@@ -45,7 +45,7 @@ public void setKnownEndpoints(List<KnownEndpoint> knownEndpoints)
 
     /**
      * Can be used to lookup a class name within the List of KnownEndpoints. The first endpoint
-     * that contains the corresponding class name within it's className list is returned. If no
+     * that contains the corresponding class name within its className list is returned. If no
      * endpoint is matching, return null.
      *
      * @param className KnownEndpoint className to look for

diff --git a/src/de/qtc/rmg/exceptions/MalformedPluginException.java b/src/de/qtc/rmg/exceptions/MalformedPluginException.java
@@ -2,7 +2,7 @@
 
 /**
  * MalformedPluginExceptions are thrown then an rmg plugin was specified on the command
- * line that does not satisfy the plugin requirements. Usually that happens then the
+ * line that does not satisfy the plugin requirements. Usually, if that happens, then the
  * Manifest of the corresponding plugin does not contain a reference to the rmg plugin
  * class.
  *

diff --git a/src/de/qtc/rmg/internal/ArgumentHandler.java b/src/de/qtc/rmg/internal/ArgumentHandler.java
@@ -326,7 +326,7 @@ public EnumSet<ScanAction> getScanActions()
      * @return array of int which contains all ports that should be scanned
      */
     @SuppressWarnings("unchecked")
-    public int[] getRmiPots()
+    public int[] getRmiPorts()
     {
         Set<Integer> rmiPorts = new HashSet<Integer>();
 

diff --git a/src/de/qtc/rmg/internal/CodebaseCollector.java b/src/de/qtc/rmg/internal/CodebaseCollector.java
@@ -14,12 +14,12 @@
 /**
  * The CodebaseCollector class is used to detect server specified codebases and to report
  * them to the user. Such a functionality sounds easy to implement, but it was surprisingly
- * difficult. Java RMI does not support programmatically access to an RMI servers codebase,
+ * difficult. Java RMI does not support programmatically access to an RMI server's codebase,
  * but only uses it internally for class loading purposes.
  *
  * The trick is to override the default class loader by using the java.rmi.server.RMIClassLoaderSpi
  * property. This property is used to determine the class that is actually used to perform the
- * class loading and it's functions are called with the servers specified codebase (if available).
+ * class loading and its functions are called with the server's specified codebase (if available).
  * When a server side codebase is available, the codebase parameter for methods within RMIClassLoaderSpi
  * is a String that contains the corresponding codebase URL. If no codebase was specified, the codebase
  * parameter is set to null. However, this is only true if the client is running with useCodebaseOnly=false,
@@ -38,7 +38,7 @@
  * From remote-method-guesser v4.3.0, this class also handles issues that are caused by the probably missing
  * activation system. If the server returns an ActivatableRef, this class is probably no longer existing in
  * the currently running JVM, as it was deprecated and removed in 2021. This class checks whether the
- * ActivatbaleRef class is requested and creates it dynamically if required.
+ * ActivatableRef class is requested and creates it dynamically if required.
  *
  * From remote-method-guesser v4.3.2, this class has another purpose of handling uncommon serialVersionUIDs.
  * The regular case is that legacy RMI stubs have a serialVersionUID of 2L. However, it was observed that not
@@ -98,7 +98,7 @@ public Class<?> loadClass(String codebase, String name, ClassLoader defaultLoade
             }
 
             if (name.equals("sun.rmi.server.ActivatableRef"))
-                RMGUtils.makeActivatbaleRef();
+                RMGUtils.makeActivatableRef();
 
             resolvedClass = originalLoader.loadClass(codebase, name, defaultLoader);
 
@@ -186,7 +186,7 @@ public static HashMap<String,Set<String>> getCodebases()
      * Add a new className<->serialVersionUID pair to the serialVersionUID map.
      *
      * @param className  the className to add to the map
-     * @param serialVersionUID  the serialVerisonUID to add to the map
+     * @param serialVersionUID  the serialVersionUID to add to the map
      */
     public static void addSerialVersionUID(String className, long serialVersionUID)
     {

diff --git a/src/de/qtc/rmg/internal/ExceptionHandler.java b/src/de/qtc/rmg/internal/ExceptionHandler.java
@@ -75,12 +75,12 @@ public static void alreadyBoundException(Exception e, String boundName)
 
     public static void nonLocalhost(Exception e, String callName, boolean bypass)
     {
-        Logger.eprintlnMixedYellow("Registry", "rejected " + callName + " call", "because it was not send from localhost.");
+        Logger.eprintlnMixedYellow("Registry", "rejected " + callName + " call", "because it was not sent from localhost.");
 
         if(!bypass)
             Logger.eprintlnMixedBlue("You can attempt to bypass this restriction using the", "--localhost-bypass", "option.");
         else
-            Logger.eprintlnMixedBlue("Localhost bypass was used but", "failed.");
+            Logger.eprintlnMixedBlue("Localhost bypass was used, but", "failed.");
 
         showStackTrace(e);
     }
@@ -97,7 +97,7 @@ public static void deserializeClassNotFound(Exception e)
         Logger.eprintlnMixedYellow("Server", "accepted", "deserialization of the supplied gadget, but");
         Logger.eprintlnMixedBlue("during the deserialization, a", "ClassNotFoundException", "was encountered.");
         Logger.eprintMixedYellow("The supplied gadget may have", "worked anyway", "or it is ");
-        Logger.eprintlnPlainMixedBlueFirst("not available", "on the servers classpath.");
+        Logger.eprintlnPlainMixedBlueFirst("not available", "on the server's classpath.");
         showStackTrace(e);
     }
 
@@ -109,7 +109,7 @@ public static void deserializeClassNotFoundRandom(Exception e, String during1, S
         showStackTrace(e);
     }
 
-    public static void deserlializeClassCast(Exception e, boolean wasString)
+    public static void deserializeClassCast(Exception e, boolean wasString)
     {
         Logger.printlnMixedYellow("Caught", "ClassCastException", "during deserialization attack.");
 
@@ -262,22 +262,22 @@ public static void unsupportedOperationExceptionEnum(Exception e, String callNam
     public static void accessControl(Exception e, String during1, String during2)
     {
         Logger.eprintlnMixedYellow("Caught unexpected", "AccessControlException", "during " + during1 + " " + during2 + ".");
-        Logger.eprintlnMixedBlue("The servers", "SecurityManager", "may refused the operation.");
+        Logger.eprintlnMixedBlue("The server's", "SecurityManager", "may refused the operation.");
         showStackTrace(e);
     }
 
     public static void singleEntryRegistry(Exception e, String during1)
     {
         Logger.eprintlnMixedYellow("- Caught", "AccessException", "during " + during1 + "call.");
-        Logger.eprintlnMixedBlue("  --> The servers seems to use a", "SingleEntryRegistry", "(probably JMX based).");
+        Logger.eprintlnMixedBlue("  --> The server seems to use a", "SingleEntryRegistry", "(probably JMX based).");
         Logger.statusUndecided("Vulnerability");
         showStackTrace(e);
     }
 
     public static void noSuchObjectException(Exception e, String object, boolean exit)
     {
         Logger.eprintlnMixedYellow("Caught", "NoSuchObjectException", "during RMI call.");
-        Logger.eprintlnMixedBlue("There seems to be no", object, "object avaibale on the specified endpoint.");
+        Logger.eprintlnMixedBlue("There seems to be no", object, "object available on the specified endpoint.");
         showStackTrace(e);
 
         if(exit)
@@ -313,7 +313,7 @@ public static void noSuchObjectExceptionRegistryEnum()
     public static void eofException(Exception e, String during1, String during2)
     {
         Logger.eprintlnMixedYellow("Caught unexpected", "EOFException", "during " + during1 + " " + during2 + ".");
-        Logger.eprintlnMixedBlue("One possible reason is a missmatch in the", "TLS", "settings.");
+        Logger.eprintlnMixedBlue("One possible reason is a mismatch in the", "TLS", "settings.");
 
         ExceptionHandler.sslOption();
 
@@ -386,7 +386,7 @@ public static void cannotCompile(Exception e, String during1, String during2, bo
 
     public static void unknownHost(Exception e, String host, boolean exit)
     {
-        Logger.eprintlnMixedYellow("Caugth", "UnknownHostException", "during connection setup.");
+        Logger.eprintlnMixedYellow("Caught", "UnknownHostException", "during connection setup.");
         Logger.eprintlnMixedBlue("The IP address of the endpoint", host, "could not be resolved.");
         showStackTrace(e);
 
@@ -396,7 +396,7 @@ public static void unknownHost(Exception e, String host, boolean exit)
 
     public static void networkUnreachable(Exception e, String during1, String during2)
     {
-        Logger.eprintlnMixedYellow("Caugth", "SocketException", "during " + during1 + " " + during2 + ".");
+        Logger.eprintlnMixedYellow("Caught", "SocketException", "during " + during1 + " " + during2 + ".");
         Logger.eprintlnMixedBlue("The specified target is", "not reachable", "with your current network configuration.");
         showStackTrace(e);
         RMGUtils.exit();
@@ -631,7 +631,7 @@ public static <T extends Throwable> void stackTrace(T e)
      * Taken from https://stackoverflow.com/questions/17747175/how-can-i-loop-through-exception-getcause-to-find-root-cause-with-detail-messa
      * Returns the actual cause of an exception.
      *
-     * @param e Exception that should be handeled.
+     * @param e Exception that should be handled.
      * @return cause of the Exception.
      */
     public static Throwable getCause(Throwable e)
@@ -834,10 +834,10 @@ public static void handleGadgetCallException(Exception exception, RMIComponent c
             } else if( cause instanceof java.lang.ClassCastException ) {
 
                 if ( RMGUtils.createdByReadString(cause.getMessage()) )
-                    ExceptionHandler.deserlializeClassCast(e, true);
+                    ExceptionHandler.deserializeClassCast(e, true);
 
                 else
-                    ExceptionHandler.deserlializeClassCast(e, false);
+                    ExceptionHandler.deserializeClassCast(e, false);
 
             } else {
                 ExceptionHandler.unknownDeserializationException(e);
@@ -846,10 +846,10 @@ public static void handleGadgetCallException(Exception exception, RMIComponent c
         } catch( java.lang.ClassCastException e ) {
 
             if ( RMGUtils.createdByReadString(e.getMessage()) )
-                ExceptionHandler.deserlializeClassCast(e, true);
+                ExceptionHandler.deserializeClassCast(e, true);
 
             else
-                ExceptionHandler.deserlializeClassCast(e, false);
+                ExceptionHandler.deserializeClassCast(e, false);
 
         } catch( java.lang.IllegalArgumentException e ) {
             ExceptionHandler.illegalArgument(e);
@@ -864,7 +864,7 @@ public static void handleGadgetCallException(Exception exception, RMIComponent c
             if( t instanceof java.lang.ClassNotFoundException ) {
                 Logger.eprintlnMixedYellow("Caught local", "ClassNotFoundException", "during deserialization attack.");
                 Logger.eprintlnMixedBlue("This usually occurs when the", "gadget caused an exception", "on the server side.");
-                Logger.eprintlnMixedYellow("You probably entered entered an", "invalid command", "for the gadget.");
+                Logger.eprintlnMixedYellow("You probably entered an", "invalid command", "for the gadget.");
                 ExceptionHandler.showStackTrace(e);
 
             } else {

diff --git a/src/de/qtc/rmg/internal/Pair.java b/src/de/qtc/rmg/internal/Pair.java
@@ -1,7 +1,7 @@
 package de.qtc.rmg.internal;
 
 /**
- * For the MethodArhuments class, a Pair type is required. Unfortunately, Java 8 does not support such a
+ * For the MethodArguments class, a Pair type is required. Unfortunately, Java 8 does not support such a
  * type natively. This class is a very basic implementation that fulfills the requirements.
  *
  * @author Tobias Neitzel (@qtc_de)