Prepare v5.1.0 Release

.github/workflows/pages.yml

@@ -0,0 +1,61 @@
+name: Publish JavaDoc
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - src/**
+      - .github/workflows/pages.yml
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout ${{ github.event.repository.name }}
+        uses: actions/checkout@v4
+
+      - name: Setup Pages
+        uses: actions/configure-pages@v3
+
+      - name: Set up JDK 1.8
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: 8
+          cache: maven
+          cache-dependency-path: pom.xml
+
+      - name: Build Docs
+        run: |
+          mvn javadoc:javadoc
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v2
+        with:
+          path: 'target/site/apidocs/'
+
+  deploy:
+    runs-on: ubuntu-latest
+
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+
+    needs: build
+
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v2

CHANGELOG.md

@@ -6,7 +6,31 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
-## [5.0.0] - Dec 23, 2023
+## v5.1.0 - Jun 26, 2024
+
+### Added
+
+* Add GitHub pages for [Javadoc](https://qtc-de.github.io/remote-method-guesser/)
+* Add [IActionProvider](/src/eu/tneitzel/rmg/plugin/IActionProvider.java) plugin interface
+* Add [plugin template](/plugins/template)
+* Add [Quartz Scheduler plugin](/plugins/quartz-scheduler)
+* Add [Quartz Scheduler container](/docker/quartz-server)
+* Add `--objid` support for guess operation
+
+### Changed
+
+* Change argparse4j dependency to https://github.com/qtc-de/argparse4j
+* Change CHANGELOG.md version format (af1c52137277cacfe2ccc9c166fd68770ae3e213)
+* Change option name `--generic-print` to `--show-response`
+* Improve RMI class loading for plugin classes (454a9fd17653ce3bceba58a9ba989e344ee2c7c7)
+* Improve `scan` action reliability (#62)
+* Refactor plugin system ([README](/plugins/README.md))
+* IArgumentProvider now accepts an array of arguments instead of a string (a653e6367260ba46333e596d81da283a64fc80f1)
+* Let `enum` action continue on RemoteObject retrieval errors
+* Change default ysoserial path to `~/ysoserial.jar`
+
+
+## v5.0.0 - Dec 23, 2023
 
 ### Added
 
@@ -22,7 +46,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Stream corruption errors during method guessing are only displayed if `--verbose` is used
 
 
-## [4.4.1] - Jun 22, 2023
+## v4.4.1 - Jun 22, 2023
 
 ### Added
 
@@ -34,7 +58,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Improve *rmg*s Java16+ compatibility (see #49)
 
 
-## [4.4.0] - Jan 19, 2023
+## v4.4.0 - Jan 19, 2023
 
 ### Changed
 
@@ -44,7 +68,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Make *rmg* Java16+ compatible
 
 
-## [4.3.1] - Sep 19, 2022
+## v4.3.1 - Sep 19, 2022
 
 ### Changed
 
@@ -53,7 +77,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Typofix `enmeration` -> `enumeration`
 
 
-## [4.3.0] - May 11, 2022
+## v4.3.0 - May 11, 2022
 
 ### Added
 
@@ -70,15 +94,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * The [example server](/docker/example-server) now provides a full working *Activation System* on port `1098`
 
 
-## [4.2.2] - Jan 11, 2022
+## v4.2.2 - Jan 11, 2022
 
 ### Changed
 
 * Fix missing ``--no-progress`` option for some actions
 * Fix some typos inside the help menu
 
 
-## [4.2.1] - Jan 07, 2022
+## v4.2.1 - Jan 07, 2022
 
 ### Changed
 
@@ -87,7 +111,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Improve test cases
 
 
-## [4.2.0] - Dec 30, 2021
+## v4.2.0 - Dec 30, 2021
 
 ### Changed
 
@@ -97,7 +121,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Updated test cases.
 
 
-## [4.1.0] - Dec 23, 2021
+## v4.1.0 - Dec 23, 2021
 
 ### Added
 
@@ -118,7 +142,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Bugfix: Indentation issue within the *SSRF* server
 
 
-## [4.0.0] - Dec 05, 2021
+## v4.0.0 - Dec 05, 2021
 
 ### Added
 
@@ -148,7 +172,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Changed the *DGC enumeration* to *Security Manager* enumeration.
 
 
-## [3.3.0] - June 20, 2021
+## v3.3.0 - June 20, 2021
 
 ### Added
 
@@ -171,7 +195,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Some small bug fixes
 
 
-## [3.2.0] - Apr 02, 2021
+## v3.2.0 - Apr 02, 2021
 
 ### Added
 
@@ -193,7 +217,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * The default wordlist and template files are now contained within the *rmg* JAR file
 
 
-## [3.1.1] - Feb 16, 2021
+## v3.1.1 - Feb 16, 2021
 
 ### Changed
 
@@ -202,7 +226,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   that will be resolved in version ``v3.2.0``.
 
 
-## [3.1.0] - Feb 14, 2021
+## v3.1.0 - Feb 14, 2021
 
 ### Added
 
@@ -239,7 +263,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Removed support for JSON output
 
 
-## [3.0.0] - Nov 28, 2020
+## v3.0.0 - Nov 28, 2020
 
 ### Added
 
@@ -266,7 +290,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * The docker container compiles the *example-server* now during build time
 
 
-## [2.0.0] - Sep 30, 2020
+## v2.0.0 - Sep 30, 2020
 
 ### Added
 
@@ -287,7 +311,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Remove old example server
 
 
-## [1.1.0] - Aug 06, 2020
+## v1.1.0 - Aug 06, 2020
 
 ### Added
 
@@ -297,6 +321,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Add support for primitive types in interfaces
 
 
-## [1.0.0] - Nov 26, 2020
+## v1.0.0 - Nov 26, 2020
 
 Initial release :)

Dockerfile

@@ -28,7 +28,7 @@ COPY --from=jdk-builder /jdk /usr/lib/jvm/java-11-openjdk
 RUN set -ex                                                         \
     && ln -s /usr/lib/jvm/java-11-openjdk/bin/java /usr/bin/java    \
     && adduser -g '' -D -u 1000 rmg-user                            \
-    && wget -O /opt/ysoserial.jar https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar
+    && wget -O /home/rmg-user/ysoserial.jar https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar
 
 USER rmg-user:rmg-user
 

README.md

@@ -4,7 +4,7 @@
 
 [![maven CI](https://github.com/qtc-de/remote-method-guesser/actions/workflows/maven-ci.yml/badge.svg?branch=master)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/maven-ci.yml)
 [![maven CI](https://github.com/qtc-de/remote-method-guesser/actions/workflows/maven-ci.yml/badge.svg?branch=develop)](https://github.com/qtc-de/remote-method-guesser/actions/workflows/maven-ci.yml)
-[![](https://img.shields.io/badge/version-5.0.0-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
+[![](https://img.shields.io/badge/version-5.1.0-blue)](https://github.com/qtc-de/remote-method-guesser/releases)
 [![](https://img.shields.io/badge/build%20system-maven-blue)](https://maven.apache.org/)
 ![](https://img.shields.io/badge/java-8%2b-blue)
 [![](https://img.shields.io/badge/license-GPL%20v3.0-blue)](https://github.com/qtc-de/remote-method-guesser/blob/master/LICENSE)
@@ -193,18 +193,19 @@ Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
 
 Notice that calling remote methods does not create any output by default. To process outputs generated by the ``call`` action, you need
 to use *remote-method-guesser's* [plugin system](./docs/rmg/plugin-system.md) and register a ``ResponseHandler`` or use the default
-`GenericPrint` plugin. `GenericPrint` is inlcuded into *remote-method-guesser* by default and can be activated by using the `--generic-print`
+`GenericPrint` plugin. `GenericPrint` is inlcuded into *remote-method-guesser* by default and can be activated by using the `--show-response`
 option.
 
 ```console
-[qtc@devbox remote-method-guesser]$ rmg call 172.17.0.2 9010 '"id"' --signature 'String execute(String cmd)' --bound-name plain-server --generic-print
+[qtc@devbox remote-method-guesser]$ rmg call 172.17.0.2 9010 '"id"' --signature 'String execute(String cmd)' --bound-name plain-server --show-response
 [+] uid=0(root) gid=0(root) groups=0(root)
 ```
 
-During the ``call`` action, the argument string is evaluated as a *Java expression* of the following form: ``new Object[]{ <ARG> }``. Therefore,
-you need to make sure that your argument string fits into that pattern. E.g. using ``"id"`` as an argument results in an error, as the argument is
-passed as ``id`` to *remote-method-guesser* and the resulting expression ``new Object[]{ id }`` is not a valid *Java expression*. Instead, you need
-to use ``'"id"'`` as this leads to ``new Object[]{ "id" }``, which is valid.
+During the ``call`` action, the provided arguments are evaluated as *Java expression* by inserting them into the following template:
+``new Object[]{ arg1, arg2, arg3, ... }``. Therefore, you need to make sure that your provided arguments fit into that pattern. E.g.
+using ``"id"`` as an argument results in an error, as the argument is passed as ``id`` to *remote-method-guesser* and the resulting
+expression ``new Object[]{ id }`` is not a valid *Java expression*. Instead, you need to use ``'"id"'`` as this leads to ``new Object[]{ "id" }``,
+which is valid.
 
 Moreover, primitive types need to be specified in their corresponding object representation (e.g. ``new Integer(5)`` instead of ``5``). Otherwise they
 cannot be used within the ``Object[]`` array, that is created by the *Java expression*. During the *RMI call*, the corresponding arguments are used

docker/quartz-server/CHANGELOG.md

@@ -0,0 +1,11 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+
+## v1.0.0 - MMM DD, YYYY
+
+Initial Release

docker/quartz-server/Dockerfile

@@ -0,0 +1,38 @@
+###########################################
+###            Build Stage 1            ###
+###########################################
+FROM maven:3.8.6-openjdk-8-slim AS maven-builder
+COPY ./resources/server /usr/src/app
+WORKDIR /usr/src/app
+RUN mvn clean package
+
+###########################################
+###            Build Stage 2            ###
+###########################################
+FROM alpine:latest AS jdk-builder
+RUN set -ex \
+    && apk add --no-cache openjdk11 \
+    && /usr/lib/jvm/java-11-openjdk/bin/jlink --add-modules java.rmi,java.management.rmi,jdk.unsupported,java.desktop --verbose --strip-debug --compress 2 \
+       --no-header-files --no-man-pages --output /jdk
+
+###########################################
+###          Container Stage            ###
+###########################################
+FROM alpine:latest
+
+COPY ./resources/scripts/start.sh /opt/start.sh
+COPY --from=maven-builder /usr/src/app/target/rmg-quartz-scheduler-server-*-jar-with-dependencies.jar /opt/quartz-server.jar
+COPY --from=jdk-builder /jdk /usr/lib/jvm/java-11-openjdk
+
+RUN set -ex \
+    && ln -s /usr/lib/jvm/java-11-openjdk/bin/java /usr/bin/java \
+    && chmod +x /opt/start.sh
+
+ENV _JAVA_OPTIONS -Djava.rmi.server.hostname=iinsecure.example \
+    -Dorg.quartz.scheduler.rmi.export=true \
+    -Dorg.quartz.scheduler.rmi.createRegistry=true \
+    -Dorg.quartz.scheduler.rmi.serverPort=4444
+
+EXPOSE 1099/tcp 4444/tcp
+
+CMD ["/opt/start.sh"]