Update actions

.github/workflows/develop-example-server.yml → .github/workflows/example-server.yml

@@ -1,34 +1,36 @@
-name: example server - develop
+name: example server
 
 on:
   push:
-    branches:
-      - develop
-    paths:
-      - 'docker/example-server/**'
   pull_request:
     branches:
+      - master
       - develop
     paths:
-      - 'docker/example-server/**'
+      - 'docker/example-server/resources/server/**'
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - name: ${{ github.event.repository.name }}
+      uses: actions/checkout@v4
+
     - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
-        java-version: 1.8
+        distribution: 'temurin'
+        java-version: 8
+
     - name: Cache local Maven repository
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
+
     - name: Build with Maven
       run: cd docker/example-server/resources/server && mvn -B package --file pom.xml

.github/workflows/develop.yml → .github/workflows/rmg.yml

@@ -1,15 +1,12 @@
-name: develop maven CI
+name: maven CI
 
 on:
   push:
-    branches:
-      - develop
-    paths:
-      - 'src/**'
-      - 'pom.xml'
   pull_request:
     branches:
+      - master
       - develop
+      - 'feat/**'
     paths:
       - 'src/**'
       - 'pom.xml'
@@ -21,15 +18,17 @@ jobs:
 
     steps:
 
-    - uses: actions/checkout@v2
+    - name: ${{ github.event.repository.name }}
+      uses: actions/checkout@v4
 
     - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
-        java-version: 1.8
+        distribution: 'temurin'
+        java-version: 8
 
     - name: Cache local Maven repository
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
@@ -40,7 +39,7 @@ jobs:
       run: mvn -B package --file pom.xml
 
     - name: Archive generated JAR file
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v4
       with:
-        name: rmg-develop-artifact
+        name: rmg-compiled-jar
         path: target/rmg-*

.github/workflows/master-ssrf-server.yml → .github/workflows/spring-server.yml

@@ -1,34 +1,37 @@
-name: ssrf server - master
+name: spring server
 
 on:
   push:
-    branches:
-      - master
-    paths:
-      - 'docker/ssrf-server/**'
   pull_request:
     branches:
       - master
+      - develop
     paths:
-      - 'docker/ssrf-server/**'
+      - 'docker/spring-remoting/resources/server/**'
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    steps:
+    - name: ${{ github.event.repository.name }}
+      uses: actions/checkout@v4
+
     - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
-        java-version: 1.8
+        distribution: 'temurin'
+        java-version: 8
+
     - name: Cache local Maven repository
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
+
     - name: Build with Maven
-      run: cd docker/ssrf-server/resources/server && mvn -B package --file pom.xml
+      run: cd docker/spring-remoting/resources/server/ && mvn -B package --file pom.xml

.github/workflows/develop-ssrf-server.yml → .github/workflows/ssrf-server.yml

@@ -1,34 +1,37 @@
-name: ssrf server - develop
+name: ssrf server
 
 on:
   push:
-    branches:
-      - develop
-    paths:
-      - 'docker/ssrf-server/**'
   pull_request:
     branches:
+      - master
       - develop
     paths:
-      - 'docker/ssrf-server/**'
+      - 'docker/ssrf-server/resources/server/**'
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    steps:
+    - name: ${{ github.event.repository.name }}
+      uses: actions/checkout@v4
+
     - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
-        java-version: 1.8
+        distribution: 'temurin'
+        java-version: 8
+
     - name: Cache local Maven repository
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
+
     - name: Build with Maven
       run: cd docker/ssrf-server/resources/server && mvn -B package --file pom.xml

README.md

@@ -2,8 +2,8 @@
 
 ---
 
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/master%20maven%20CI/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master.yml)
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/develop%20maven%20CI/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/maven%20CI/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/rmg.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/maven%20CI/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/rmg.yml)
 [![](https://img.shields.io/badge/version-4.4.1-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
 [![](https://img.shields.io/badge/build%20system-maven-blue)](https://maven.apache.org/)
 ![](https://img.shields.io/badge/java-8%2b-blue)
@@ -22,19 +22,24 @@ within the *Arsenal* sessions. The recording of the session and the correspondin
 * Slides: [https://www.slideshare.net/TobiasNeitzel/remotemethodguesser-bhusa2021-arsenal](https://www.slideshare.net/TobiasNeitzel/remotemethodguesser-bhusa2021-arsenal)
 * Recording: [https://youtu.be/t_aw1mDNhzI](https://youtu.be/t_aw1mDNhzI)
 
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/example%20server%20-%20master/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master-example-server.yml)
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/example%20server%20-%20develop/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop-example-server.yml)
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/ssrf%20server%20-%20master/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/master-ssrf-server.yml)
-[![](https://github.com/qtc-de/remote-method-guesser/workflows/ssrf%20server%20-%20develop/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/develop-ssrf-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/example%20server/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/example-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/example%20server/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/example-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/ssrf%20server/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/ssrf-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/ssrf%20server/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/ssrf-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/spring%20server/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/spring-server.yml)
+[![](https://github.com/qtc-de/remote-method-guesser/workflows/spring%20server/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/spring-server.yml)
 
-The *remote-method-guesser* repository contains two example servers that can be used to practice *Java RMI* enumeration and attacks.
+The *remote-method-guesser* repository contains three example servers that can be used to practice *Java RMI* enumeration and attacks.
 The [rmg-example-server](/docker/example-server) exposes regular *RMI* services that can be enumerated and exploited using *remote-method-guesser*.
 The [rmg-ssrf-server](/docker/ssrf-server) exposes an *HTTP* service that is vulnerable to *SSRF* attacks and runs *RMI* services that are only
 listening on localhost. This can be used to practice with *remote-method-guesser's* ``--ssrf`` and ``--ssrf-response`` options.
-Both servers are available as containers within the *GitHub Container Registry*:
+The [spring-remoting-server](/docker/spring-remoting) exposes RMI interfaces created via *Spring Remoting*. These are a little bit different from
+regular Java RMI and can be used to test the associated Spring Remoting integration of remote-method-guesser.
+All servers are available as containers within the *GitHub Container Registry*:
 
 * [SSRF Server GitHub Package](https://github.com/qtc-de/remote-method-guesser/pkgs/container/remote-method-guesser%2Frmg-ssrf-server)
 * [Example Server GitHub Package](https://github.com/qtc-de/remote-method-guesser/pkgs/container/remote-method-guesser%2Frmg-example-server)
+* [Spring Remoting Server GitHub Package](https://github.com/qtc-de/remote-method-guesser/pkgs/container/remote-method-guesser%2Fspring-remoting-server)
 
 
 ### Table of Contents