Home > Developer > Java

WebLogic Server Deployment Web Agent fixes WebLogic Java Deserialization Vulnerability

Source: Internet
Author: User
Tags stop script
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Recently, the cloud sent an email prompting the company of a system of loopholes, about WebLogic, more information reference http://drops.wooyun.org/papers/13244

Repair Method http://drops.wooyun.org/web/13470


This time using Apache as a proxy for processing, that is, in the WebLogic Server installation Web (Apache or Nginx) proxy application, so that the Web Agent listens to the original WebLogic listening port, and the HTTP request forwarded to the native WebLogic for processing. The detailed operation is as follows

Os:oracle Linux 6.1

weblogic:10.3.6

1. Backing Up backup backups

2. Modify the listening address and listening port on the WebLogic console

Installation and configuration of 3.Apache

4. Stop WebLogic

5. Launch Apache

6. Testing


1. Backup

It's a good idea to back up the relevant files before you do it, preferably by backing up the entire domain

We only backed up/soft/oracle/middleware/user_projects/domains/base_domain/config/config.xml here.

2. modify the listening address and listening port on the WebLogic console

Visit http://192.168.10.201/console

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/7F/47/wKiom1cYipjBrLmgAAA53JEZctY443.png "title=" 2222222.png "alt=" Wkiom1cyipjbrlmgaaa53jezcty443.png "/>

Here the listening address is modified to 127.0.0.1 (can also be modified to localhost), the listening port is modified to 8080

Once saved, click on the "Activate Changes" button in the Change center

Installation and configuration of 3.Apache

Apache installation can choose Yum Install or compile the installation, choose, here to choose Yum Installation

Yum Install httpd Httpd-devel

Copy the required modules

CD/SOFT/ORACLE/MIDDLEWARE/WLSERVER_10.3/SERVER/PLUGIN/LINUX/X86_64CP mod_wl_22.so/etc/httpd/modulescd/etc/httpd /CONFCP httpd.conf Httpd.conf.bakvi httpd.conf

Edit modify the following content

#add by Xxxloadmodule weblogic_module modules/mod_wl_22.so<ifmodule mod_weblogic.c> WeblogicHost 127.0.0.1 Weblo Gicport 8080 matchexpression *.jsp matchexpression *.do matchexpression * wllogfile "/tmp/wlproxy.log" </IfMod Ule>listen 0.0.0.0:80servername 192.168.10.201:80

Note Apache2.2.15 may encounter the following error when booting

: Libstdc++.so.5:cannot open Shared object file:no such file or directory

Workaround: Yum install libstdc++

4. Stop WebLogic

When you are sure that the changes are working, close WebLogic

/soft/oracle/middleware/user_projects/domains/base_domain/bin./stopweblogic.sh

5. Launch Apache

service httpd start[[email protected] ]# lsof -i:80command  pid    user   fd   type device size node namehttpd    3344   root    3u  IPv4  10087        TCP *:http  (LISTEN) httpd   3345 apache     3u  ipv4  10087       tcp *:http   (LISTEN) httpd   3347 apache    3u  ipv4   10087       tcp *:http  (LISTEN) httpd   3348  Apache    3u  ipv4  10087       tcp  *:http  (LISTEN) Httpd   3350 apache    3u  ipv4   10087       tcp *:http  (LISTEN) httpd   3351 apache     3u  ipv4  10087       tcp *:http   (LISTEN) httpd   3352 apache    3u  ipv4   10087       tcp *:http  (LISTEN) httpd   3354  Apache    3u  ipv4  10087       tcp  *:http  (LISTEN) Httpd   3356 apache    3u  ipv4   10087       TCP *:http  (LISTEN) [[email protected ] ]# lsof -i:8080command  pid   user   fd    TYPE DEVICE SIZE NODE NAMEhttpd   3345 apache    11u  ipv4&nBsp; 14643       tcp localhost.localdomain:36829-> localhost.localdomain:webcache  (close_wait) httpd   3347 apache   11u   ipv4  14685       tcp localhost.localdomain :58644->localhost.localdomain:webcache  (close_wait) httpd   3348 apache    11u  IPv4  14574       TCP  localhost.localdomain:34162->localhost.localdomain:webcache  (close_wait) httpd   3350  apache   11u  IPv4  14637        tcp localhost.localdomain:36827->localhost.localdomain:webcache  (CLOSE_WAIT) httpd    3351 apache   11u  IPv4  14678        tcp localhost.localdomain:58643->localhost.localdomain:webcache  (close_wait) httpd   3352 apache   11u   IPv4  14670       TCP localhost.localdomain:58642-> localhost.localdomain:webcache  (close_wait) httpd   3354 apache   11u   ipv4  14646       tcp localhost.localdomain :36830->localhost.localdomain:webcache  (close_wait) httpd   3356 apache    11u  IPv4  14640       TCP  localhost.localdomain:36828->localhost.localdomain:webcache  (close_wait) java     4023  psoft  376u  ipv6  12867        TCP localhost.localdomain:webcache  (LISTEN) [[email protected] ]#

6. Testing

Access 192.168.10.201 test project is normal
7. Modify the WebLogic Stop script

The IP in the Admin_url parameter in the WebLogic stop script needs to be modified to "127.0.0.1" or "localhost", otherwise the stop script is not available.

CD/SOFT/ORACLE/MIDDLEWARE/USER_PROJECTS/DOMAINS/BASE_DOMAIN/BINCP stopweblogic.sh StopWebLogic.sh.bak VI stopweblogic.sh admin_url= "t3://weblogic:7001" is modified to the following admin_url= "t3://localhost:8080"


Reference Link: http://drops.wooyun.org/web/13470

http://blog.chinaunix.net/xmlrpc.php?r=blog/article&uid=69879&id=2680631



This article is from "The girl said" blog, please be sure to keep this source http://sugarlovecxq.blog.51cto.com/6707742/1766288

WebLogic Server Deployment Web Agent fixes WebLogic Java Deserialization Vulnerability

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
weblogic application server tutorial weblogic application server download oracle weblogic server download weblogic server tutorial weblogic server installation steps weblogic server tutorial point oracle application server vs weblogic
Related Article
Java.sql.SQLException:Zero Date value Prohibited exception ha...
Java's garbage collection mechanism
Analysis of Java Concurrency Aqs principle (I.)
The difference between fail-fast and fail-safe in Java
Advantages and disadvantages of AWT/SWING/SWT in Java GUI pro...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More