Java RMI Protocol Detection Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


Java RMI Protocol Detection Scanner Detail

Misconfigured RMI Registry and RMI Activation Services allowing the loading of classes from a remote URL.

What is Java RMI?

Java RMI server is a virtual entity exposed over the network that allows other remote parties (clients) to execute methods on a system (technically a JVM running on that system) on which it is running. It’s nothing exceptional in the programming world — where similar concepts like Remote Procedure Call (RPC) are widely used.

Thus, by running an exposed RMI Server on a system, one can allow external actors to interact with it and possibly execute methods on the RMI Server. These methods should be defined within the Server implementation. Once they are called by a client, they will be executed on the Server and the return values will be returned to the client.

Some Advice for Common Problems

Access restriction should be applied.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service