RemoteObjectInvocationHandler

bypass JEP290 RaspHook code，Hook InvokeRemoteMethod 函数，替换成URLDNS gadget

Usage

1、mvn package 打好jar包

2、运行RmiServer

3、运行RmiClient前，VM options参数填写:-javaagent:C:\Users\xxx\InvokeRemoteMethod\target\rasp-1.0-SNAPSHOT.jar

4、最终会hook住RemoteObjectInvocationHandler函数，修改第三个参数为URLDNS gadget

bypass jep290攻击rmi文章已首发在安全客：https://www.anquanke.com/post/id/200860

参考链接：

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
RemoteObjectInvocationHandler		RemoteObjectInvocationHandler
README.md		README.md