exploit for T3 rce (CVE 2015-4852 \CVE 2016-0638 \CVE 2016-3510)
weblogic t3 漏洞利用相关java脚本 用图:和python直接配合ysoserial的poc相比复杂很多,但是此项目的主要目的是学习java内部构造相关t3结构的过程,以及后续结合相关源码测试相关回显思路。 first commit: 支持(CVE 2015-4852 \CVE 2016-0638 \CVE 2016-3510)
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle weblogic server 12.1.3.0.0 |
||
oracle weblogic server 12.2.1.0.0 |
||
oracle weblogic server 10.3.6.0.0 |