From fbf1f89c4662528fea502187f015db322925d07f Mon Sep 17 00:00:00 2001
From: Tobias Neitzel
Date: Tue, 9 Jan 2024 22:05:01 +0100
Subject: [PATCH] Argument parsing related bugfixes
---
 .../rmg/internal/ArgumentHandler.java | 2 +-
 src/eu/tneitzel/rmg/internal/RMGOption.java | 26 ++++++------
 src/eu/tneitzel/rmg/operations/Operation.java | 42 +++++++++----------
 3 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/src/eu/tneitzel/rmg/internal/ArgumentHandler.java b/src/eu/tneitzel/rmg/internal/ArgumentHandler.java
index 5bf643a..ff366d7 100644
--- a/src/eu/tneitzel/rmg/internal/ArgumentHandler.java
+++ b/src/eu/tneitzel/rmg/internal/ArgumentHandler.java
@@ -87,7 +87,7 @@ private Properties loadConfig(String filename)
 {
 InputStream configStream = null;
- configStream = ArgumentParser.class.getResourceAsStream(defaultConfiguration);
+ configStream = ArgumentHandler.class.getResourceAsStream(defaultConfiguration);
 config.load(configStream);
 configStream.close();
diff --git a/src/eu/tneitzel/rmg/internal/RMGOption.java b/src/eu/tneitzel/rmg/internal/RMGOption.java
index fbf4206..063742b 100644
--- a/src/eu/tneitzel/rmg/internal/RMGOption.java
+++ b/src/eu/tneitzel/rmg/internal/RMGOption.java
@@ -74,7 +74,7 @@ public enum RMGOption implements IOption
 Arguments.store(),
 RMGOptionGroup.NONE,
 new IArgumentModifier[] {
- new MetaVar("path"),
+ new MetaVar("port"),
 new Type(Integer.class)
 }),
@@ -199,7 +199,7 @@ public enum RMGOption implements IOption
 BIND_ADDRESS("bind-host",
 "host specifications the bound remote object should point to",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("host:port"),
 }),
@@ -208,7 +208,7 @@ public enum RMGOption implements IOption
 BIND_BOUND_NAME("bound-name",
 "Bound name to use for (un)bind action",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("name"),
 }),
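Review bot: In the `loadConfig` hunk, `ArgumentHandler.class.getResourceAsStream(defaultConfiguration)` returns null when the resource is not on the classpath, and the next line hands that straight to `config.load(configStream)`, which would then fail with a NullPointerException; the stream is also left open if `load` throws before `configStream.close()`. I would scope the stream with try-with-resources and check it first, e.g. `try (InputStream in = ArgumentHandler.class.getResourceAsStream(defaultConfiguration)) { if (in != null) config.load(in); }`. The body of `loadConfig` starts and ends outside the hunk, so an existing catch block may already cover part of this and should be checked.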
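Review bot: The switch from `RMGOptionGroup.ACTION` to `RMGOptionGroup.NONE` on `BIND_ADDRESS` is not explained anywhere in the code, and the same edit is repeated on `BIND_BOUND_NAME`, `CODEBASE_CLASS`, `CODEBASE_URL`, `LISTEN_IP`, `LISTEN_PORT`, `GADGET_NAME`, `GADGET_CMD`, `SCAN_HOST`, `CALL_ARGUMENTS`, `OBJID_OBJID` and `KNOWN_CLASS`. These entries look like positional arguments (their names carry no `--` prefix), so a short comment above the first of them would help, for example `// positional argument: group NONE, position defined by the owning Operation's option list`. Separately, `CODEBASE_CLASS` and `KNOWN_CLASS` both use the name `classname`; if any code resolves options by name, such as the properties loaded in `ArgumentHandler`, it is worth confirming the two cannot collide now that they share a group. The enum constants are only partly visible in these hunks.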
@@ -241,7 +241,7 @@ public enum RMGOption implements IOption
 CODEBASE_CLASS("classname",
 "classname to load during codebase attack",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("name"),
 }),
@@ -250,7 +250,7 @@ public enum RMGOption implements IOption
 CODEBASE_URL("url",
 "codebase URL to load the payload from",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("url"),
 }),
@@ -259,7 +259,7 @@ public enum RMGOption implements IOption
 LISTEN_IP("ip",
 "IP address to start the listener on",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("IP"),
 }),
@@ -268,7 +268,7 @@ public enum RMGOption implements IOption
 LISTEN_PORT("port",
 "port number to start the listener on",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("port"),
 new Type(Integer.class)
@@ -395,7 +395,7 @@ public enum RMGOption implements IOption
 GADGET_NAME("gadget",
 "gadget name to use for the deserialization attack",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("gadget"),
 }),
@@ -404,7 +404,7 @@ public enum RMGOption implements IOption
 GADGET_CMD("cmd",
 "command to pass for the specified gadget",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("cmd"),
 }),
@@ -431,7 +431,7 @@ public enum RMGOption implements IOption
 SCAN_HOST("host",
 "host to perform the scan on",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("host"),
 }),
@@ -450,7 +450,7 @@ public enum RMGOption implements IOption
 CALL_ARGUMENTS("arguments",
 "argument string to use for the call",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("args"),
 }),
@@ -459,7 +459,7 @@ public enum RMGOption implements IOption
 OBJID_OBJID("objid",
 "ObjID string to parse",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("objid"),
 }),
@@ -468,7 +468,7 @@ public enum RMGOption implements IOption
 KNOWN_CLASS("classname",
 "classname to check within the database",
 Arguments.store(),
- RMGOptionGroup.ACTION,
+ RMGOptionGroup.NONE,
 new IArgumentModifier[] {
 new MetaVar("name"),
 }),
diff --git a/src/eu/tneitzel/rmg/operations/Operation.java b/src/eu/tneitzel/rmg/operations/Operation.java
index 608204a..79949fe 100644
--- a/src/eu/tneitzel/rmg/operations/Operation.java
+++ b/src/eu/tneitzel/rmg/operations/Operation.java
@@ -29,6 +29,8 @@ public enum Operation implements IAction
 BIND("dispatchBind", "[object] ", "Binds an object to the registry that points to listener", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.BIND_ADDRESS,
+ RMGOption.BIND_BOUND_NAME,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_PLUGIN,
@@ -41,10 +43,8 @@ public enum Operation implements IAction
 RMGOption.SSRF_ENCODE,
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
- RMGOption.BIND_BOUND_NAME,
 RMGOption.BIND_BYPASS,
 RMGOption.BIND_OBJID,
- RMGOption.BIND_ADDRESS,
 RMGOption.BIND_GADGET_NAME,
 RMGOption.BIND_GADGET_CMD,
 RMGOption.YSO,
@@ -57,6 +57,7 @@ public enum Operation implements IAction
 CALL("dispatchCall", "", "Regularly calls a method with the specified arguments", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.CALL_ARGUMENTS,
 RMGOption.TARGET_BOUND_NAME,
 RMGOption.TARGET_OBJID,
 RMGOption.TARGET_SIGNATURE,
@@ -74,7 +75,6 @@ public enum Operation implements IAction
 RMGOption.SSRF_ENCODE,
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
- RMGOption.CALL_ARGUMENTS,
 RMGOption.FORCE_ACTIVATION,
 RMGOption.SERIAL_VERSION_UID,
 RMGOption.SOCKET_FACTORY,
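Review bot: Array position in these `RMGOption[]` lists now appears to carry meaning, but nothing in the enum documents or enforces it. In the `BIND` hunk `BIND_ADDRESS` and `BIND_BOUND_NAME` move up to sit directly after `TARGET_HOST`/`TARGET_PORT`, and the `CALL`, `CODEBASE`, `KNOWN`, `LISTEN`, `OBJID`, `REBIND`, `ROGUEJMX`, `SCAN`, `SERIAL` and `UNBIND` hunks do the same with their own arguments (`CODEBASE` also swaps `CODEBASE_URL` and `CODEBASE_CLASS`). A later tidy-up that re-sorts a list would silently change which command-line position is read as host, port, gadget or command. I would add a comment above the first constant, e.g. `// Positional options come first, in the order shown in the usage string; do not reorder.`, and consider a unit test that pins the expected order per operation.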
@@ -87,6 +87,8 @@ public enum Operation implements IAction
 CODEBASE("dispatchCodebase", " ", "Perform remote class loading attacks", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.CODEBASE_CLASS,
+ RMGOption.CODEBASE_URL,
 RMGOption.TARGET_BOUND_NAME,
 RMGOption.TARGET_OBJID,
 RMGOption.TARGET_SIGNATURE,
@@ -103,8 +105,6 @@ public enum Operation implements IAction
 RMGOption.SSRF_ENCODE,
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
- RMGOption.CODEBASE_URL,
- RMGOption.CODEBASE_CLASS,
 RMGOption.ARGUMENT_POS,
 RMGOption.FORCE_ACTIVATION,
 RMGOption.SERIAL_VERSION_UID,
@@ -178,38 +178,40 @@ public enum Operation implements IAction
 /** Display details of known remote objects */
 KNOWN("dispatchKnown", "", "Display details of known remote objects", new RMGOption[] {
+ RMGOption.KNOWN_CLASS,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
- RMGOption.KNOWN_CLASS,
 }),
 /** Open ysoserials JRMP listener */
 LISTEN("dispatchListen", " ", "Open ysoserials JRMP listener", new RMGOption[] {
+ RMGOption.LISTEN_IP,
+ RMGOption.LISTEN_PORT,
+ RMGOption.GADGET_NAME,
+ RMGOption.GADGET_CMD,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
 RMGOption.GLOBAL_VERBOSE,
 RMGOption.GLOBAL_PLUGIN,
- RMGOption.LISTEN_IP,
- RMGOption.LISTEN_PORT,
- RMGOption.GADGET_NAME,
- RMGOption.GADGET_CMD,
 RMGOption.YSO,
 }),
 /** Print information contained within an ObjID */
 OBJID("dispatchObjID", "", "Print information contained within an ObjID", new RMGOption[] {
+ RMGOption.OBJID_OBJID,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
 RMGOption.GLOBAL_VERBOSE,
- RMGOption.OBJID_OBJID,
 }),
 /** Rebinds boundname as object that points to listener */
 REBIND("dispatchRebind", "[object] ", "Rebinds boundname as object that points to listener", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.BIND_ADDRESS,
+ RMGOption.BIND_BOUND_NAME,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_PLUGIN,
@@ -222,10 +224,8 @@ public enum Operation implements IAction
 RMGOption.SSRF_ENCODE,
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
- RMGOption.BIND_BOUND_NAME,
 RMGOption.BIND_BYPASS,
 RMGOption.BIND_OBJID,
- RMGOption.BIND_ADDRESS,
 RMGOption.BIND_GADGET_NAME,
 RMGOption.BIND_GADGET_CMD,
 RMGOption.YSO,
@@ -236,6 +236,8 @@ public enum Operation implements IAction
 /** Creates a rogue JMX listener (collect credentials) */
 ROGUEJMX("dispatchRogueJMX", "[forward-host]", "Creates a rogue JMX listener (collect credentials)", new RMGOption[] {
+ RMGOption.LISTEN_IP,
+ RMGOption.LISTEN_PORT,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
@@ -247,18 +249,16 @@ public enum Operation implements IAction
 RMGOption.ROGUEJMX_FORWARD_PORT,
 RMGOption.ROGUEJMX_FORWARD_BOUND_NAME,
 RMGOption.ROGUEJMX_FORWARD_OBJID,
- RMGOption.LISTEN_IP,
- RMGOption.LISTEN_PORT
 }),
 /** Perform an RMI service scan on common RMI ports */
 SCAN("dispatchPortScan", "[ [] ...]", "Perform an RMI service scan on common RMI ports", new RMGOption[] {
+ RMGOption.SCAN_HOST,
+ RMGOption.SCAN_PORTS,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
 RMGOption.GLOBAL_VERBOSE,
- RMGOption.SCAN_HOST,
- RMGOption.SCAN_PORTS,
 RMGOption.SCAN_TIMEOUT_CONNECT,
 RMGOption.SCAN_TIMEOUT_READ,
 RMGOption.THREADS,
@@ -269,6 +269,8 @@ public enum Operation implements IAction
 SERIAL("dispatchSerial", " ", "Perform deserialization attacks against default RMI components", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.GADGET_NAME,
+ RMGOption.GADGET_CMD,
 RMGOption.TARGET_BOUND_NAME,
 RMGOption.TARGET_OBJID,
 RMGOption.TARGET_SIGNATURE,
@@ -287,8 +289,6 @@ public enum Operation implements IAction
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
 RMGOption.ARGUMENT_POS,
- RMGOption.GADGET_NAME,
- RMGOption.GADGET_CMD,
 RMGOption.YSO,
 RMGOption.FORCE_ACTIVATION,
 RMGOption.SERIAL_VERSION_UID,
@@ -301,6 +301,7 @@ public enum Operation implements IAction
 UNBIND("dispatchUnbind", "", "Removes the specified bound name from the registry", new RMGOption[] {
 RMGOption.TARGET_HOST,
 RMGOption.TARGET_PORT,
+ RMGOption.BIND_BOUND_NAME,
 RMGOption.GLOBAL_CONFIG,
 RMGOption.GLOBAL_NO_COLOR,
 RMGOption.GLOBAL_STACK_TRACE,
@@ -312,7 +313,6 @@ public enum Operation implements IAction
 RMGOption.SSRF_ENCODE,
 RMGOption.SSRF_RAW,
 RMGOption.SSRF_STREAM_PROTOCOL,
- RMGOption.BIND_BOUND_NAME,
 RMGOption.BIND_BYPASS,
 RMGOption.SOCKET_FACTORY,
 RMGOption.SOCKET_FACTORY_SSL,
@@ -433,7 +433,7 @@ public static void addSubparsers(Subparsers argumentParser)
 for (Operation operation : Operation.values())
 {
 Subparser parser = argumentParser.addParser(operation.name().toLowerCase()).help(operation.description);
- GlobalOption.addOptions(parser, operation, RMGOption.values());
+ GlobalOption.addOptions(parser, operation);
 }
 }
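Review bot: In the `addSubparsers` hunk, the subcommand name on the context line above the change is built with `operation.name().toLowerCase()`, which uses the JVM default locale. Under a Turkish locale the `I` in `BIND`, `LISTEN`, `OBJID`, `REBIND`, `SERIAL` or `UNBIND` lower-cases to a dotless `ı`, so the registered subcommand would no longer match what the user types. Since this commit collects argument-parsing fixes, I would change the call to `argumentParser.addParser(operation.name().toLowerCase(Locale.ROOT))` and add `import java.util.Locale;`. The start of `addSubparsers` lies outside the hunk.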