Skip to content

Add --json JSON Lines output support#47

Open
ocervell wants to merge 1 commit into
qtc-de:masterfrom
freelabz:feature/json-output
Open

Add --json JSON Lines output support#47
ocervell wants to merge 1 commit into
qtc-de:masterfrom
freelabz:feature/json-output

Conversation

@ocervell

Copy link
Copy Markdown

Summary

This PR adds a global --json option to beanshooter that emits machine readable result
records as JSON Lines (one JSON object per line, easily parseable
with jq). This mirrors the live JSON Lines support recently added to
MANSPIDER and makes it much
easier to consume beanshooter output programmatically.

Records are written live, as they are produced, so the output can be consumed in a
streaming fashion.

Usage

The --json option takes an optional file argument:

  • --json – write JSON Lines to stdout. The human readable logging is redirected to
    stderr, so stdout contains valid JSON Lines only.
  • --json <file> – append JSON Lines to the given file. Human readable logging stays on stdout.

Result records

type Emitted by Notable fields
credentials brute host, port, username, password
mbean list class, objectName, interesting
enum enum check, category, status

Every record additionally carries a type and an ISO-8601 time field.

Example

$ beanshooter brute 172.17.0.2 1099 --ssl --json
{"type":"credentials","time":"2026-06-17T15:48:45.148Z","host":"172.17.0.2","port":1099,"username":"controlRole","password":"control"}
{"type":"credentials","time":"2026-06-17T15:48:45.221Z","host":"172.17.0.2","port":1099,"username":"monitorRole","password":"monitor"}

$ beanshooter enum 172.17.0.2 1099 --ssl --json
{"type":"enum","time":"2026-06-17T15:48:46.543Z","check":"unauthorized-access","category":"vulnerability","status":"non-vulnerable"}
{"type":"enum","time":"2026-06-17T15:48:46.604Z","check":"preauth-deserialization","category":"vulnerability","status":"non-vulnerable"}

Implementation notes

  • New JsonLogger class in the io package handles record serialization (no new
    dependencies – a small, self-contained JSON writer is used) and output routing.
  • When JSON goes to stdout, Logger transparently redirects human readable output to stderr.
  • The enum status records reuse the existing Logger.status* methods, labelled with a
    per-check context set by EnumHelper.

Testing

Built with mvn clean package and verified end-to-end against the
jmx-example-server:2.1 container: --json appears in help, stdout/stderr routing works,
and credentials, mbean, and enum records are emitted as valid, jq-parseable JSON Lines.

🤖 Generated with Claude Code

Add a global `--json` option that makes beanshooter emit machine readable
result records as JSON Lines (one JSON object per line, parseable with jq).
Records are written live as they are produced.

The option takes an optional file argument:

  --json          write JSON Lines to stdout (human readable logging is
                  redirected to stderr so stdout stays valid JSON)
  --json <file>   append JSON Lines to the given file

Result records are currently emitted for:

  - brute  -> "credentials" records (host, port, username, password)
  - list   -> "mbean" records (class, objectName, interesting)
  - enum   -> "enum" records (check, category, status)

Each record additionally carries a "type" and an ISO-8601 "time" field.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant