Java RMI Protocol Detection Scanner

Misconfigured RMI Registry and RMI Activation Services allowing the loading of classes from a remote URL.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

7 sec

Scan only one

Domain, Ipv4

Parent Category

Java RMI Protocol Detection Scanner Detail

What is Java RMI?

Java RMI server is a virtual entity exposed over the network that allows other remote parties (clients) to execute methods on a system (technically a JVM running on that system) on which it is running. It’s nothing exceptional in the programming world — where similar concepts like Remote Procedure Call (RPC) are widely used.

Thus, by running an exposed RMI Server on a system, one can allow external actors to interact with it and possibly execute methods on the RMI Server. These methods should be defined within the Server implementation. Once they are called by a client, they will be executed on the Server and the return values will be returned to the client.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product