BaRMIe was written to aid security professionals in identifying insecure RMI services on systems which the user has prior permission to attack. Unauthorised access to computer systems is illegal and BaRMIe must be used in accordance with all relevant laws. Failure to do so could lead to you being prosecuted. The developers of BaRMIe assume no liability and are not responsible for any misuse or damage caused by this program.
BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services.
RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools. In 2008 Adam Boulton spoke at AppSec USA (YouTube) and released some RMI attack tools which disappeared soon after, however even with those tools a successful zero-knowledge attack relies on a significant brute force attack (~64-bits/9 quintillion possibilities) being performed over the network.
The goal of BaRMIe is to enable security professionals to identify, attack, and secure insecure RMI services. Using partial RMI interfaces from existing software, BaRMIe can interact directly with those services without first brute forcing 64-bits over the network.
1. Attacking Insecure Methods
2. Deserialization via Object-type Paraeters
3. Deserialization via Illegal Method Invocation
+ Java 7 or higher
Usage and Build:
git clone https://github.com/NickstaDB/BaRMIe && cd BaRMIe
mvn clean package -DskipTests
Or wget https://github.com/NickstaDB/BaRMIe/releases/download/v1.0/BaRMIe_v1.0.jar
java -jar BaRMIe_v1.0.jar