Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
node.js bridge library to communicate with java applications through JMX.
>= 0.10
.node-java
: See its installation instructions$ npm install jmx
var jmx = require("jmx");
client = jmx.createClient({
host: "localhost", // optional
port: 3000
});
client.connect();
client.on("connect", function() {
client.getAttribute("java.lang:type=Memory", "HeapMemoryUsage", function(data) {
var used = data.getSync('used');
console.log("HeapMemoryUsage used: " + used.longValue);
// console.log(data.toString());
});
client.setAttribute("java.lang:type=Memory", "Verbose", true, function() {
console.log("Memory verbose on"); // callback is optional
});
client.invoke("java.lang:type=Memory", "gc", [], function(data) {
console.log("gc() done");
});
});
client = jmx.createClient({
service: "service:jmx:rmi:///jndi/rmi://localhost:3000/jmxrmi"
});
You can check the node-java documentation to learn how to work with java objects in node.js.
Returns a Client
object.
options
is a hash table with the following values:
service
- The full service URL string, with host, port, protocol and urlPath included. For example "service:jmx:rmi:///jndi/rmi://localhost:3000/jmxrmi"
.host
- Hostname to connect to (defaults to "localhost"
).port
- JMX port number to connect to.protocol
- Protocol to use (defaults to "rmi"
).urlPath
- JMX URL Path (defaults to "/jndi/{protocol}://{host}:{port}/jmx{protocol}"
).username
- JMX authentication username.password
- JMX authentication password.Connects to the JMX server. Emits connect
event when done.
Disconnects from the JMX server. Emits disconnect
event when done.
Returns an attribute from a MBean.
mbean
- MBean query address as string. For example "java.lang:type=Memory".attribute
- Attribute name as string.callback(attrValue)
Returns an attribute list from a MBean.
mbean
- MBean query address as string. For example "java.lang:type=Memory".attributes
- Attribute names as an array of strings.callback(attrValue)
Returns the default domain as string.
callback(domainName)
Returns an array of domain names.
callback(domainsArray)
Returns total the number of MBeans.
callback(mbeanCount)
Invokes a MBean operation.
mbean
- The MBean query address as string. For example "java.lang:type=Memory"
.methodName
- The method name as string.params
- The parameters to pass to the operation as array. For example [ 1, 5, "param3" ]
.signature
(optional) - An array with the signature of the params. Sometimes may be necessary to use this if class names are not correctly detected (gives a NoSuchMethodException). For example [ "int", "java.lang.Integer", "java.lang.String" ]
.callback(returnedValue)
Lists server MBeans. Callback returns an array of strings containing MBean names.
Adds a listener for the especified event.
connect
disconnect
error
- Passes the error as first parameter to the callback function.Changes an attribute value of the MBean.
mbean
- The MBean query address as string. For example "java.lang:type=Memory"
.attribute
- The attribute name as string.value
- The attribute value.className
(optional) - The attribute java className. Sometimes may be necessary to use this if value type is not correctly detected (gives a InvalidAttributeValueException). For example `"java.lang.Long".callback()
(optional)Errors are not printed to the console by default. You can catch them with something like the following:
client.on("error", function(err) {
// ...
});
$ npm install -g jshint
$ make style test
You will need to set the JAVA_HOME
environment variable if the java binary is not in your PATH.
$ make test-cov
The HTML output file will be at ./coverage.html
.
You can enable debugging and error printing to console using NODE_DEBUG
environment variable:
$ NODE_DEBUG="jmx" node [...]
async@~1.3.0
, java@~0.5.0
.0.12
support.0.8
support.0.6
support: not supported by the last node-java
version.Author: | Xabier de Zuazo (xabier@onddo.com) |
Contributor: | Eric |
Copyright: | Copyright (c) 2013-2015 Onddo Labs, SL. (www.onddo.com) |
License: | Apache License, Version 2.0 |
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
FAQs
Bridge library to communicate with Java applications through JMX.
We found that jmx demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.