Add Weblogic_serialize_marshalledobject CVE-2016-3510 #11134
Conversation
@acamro: I apologize for the delay. It took me a while to work through everything here, but I've just pushed a commit to your branch with my reverse engineering of the JSOs in the module. In addition, the module now uses the ysoserial functionality added in #11125. Remaining, I'd like to see if we can't figure out what the remaining blobs do (they're marked with I'll have a similar commit on the #11131 PR in just a moment, then I'll be turning my attention to #11136, which gets more complex... 😬 Thanks for your patience! Feel free to tackle those
Release Notes: The Oracle Weblogic Server Deserialization RCE module exploits a vulnerability in Oracle Weblogic Server v10.3.6.0 and v12.1.3.0. It provides an attacker with highly reliable, unauthenticated remote code execution via a Java deserialization vulnerability.
Hi everyone,
Please add this exploit module for CVE-2016-3510, the Oracle Weblogic Deserialization Vulnerability.
It was tested on Windows 7 x64 with Oracle Weblogic Server v10.3.6.0 and v12.1.3.0.
TODO
Test on Linux
Test on Solaris
Improve the documentation
DEMO
Verification
msfconsole
use exploit/multi/misc/weblogic_deserialize_marshalledobject