关联漏洞
Description
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
介绍
# WebLogic honeypot
Cymmetria Research, 2018.
https://www.cymmetria.com/
Written by: Omer Cohen (@omercnet)
Special thanks: Imri Goldberg (@lorgandon), Itamar Sher, Nadav Lev
Contact: research@cymmetria.com
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability. The honeypots does a simple simulation of the WebLogic server and will allow attackers to use the vulnerability to attempt to execute code, and will report of such attempts.
It is released under the MIT license for the use of the community, pull requests are welcome!
# Usage
* Run without parameters to listen on default port (8080):
> python weblogic_server.py
* Run with --help to see other command line parameters
See also
--------
https://cymmetria.com/blog/honeypots-for-oracle-vulnerabilities/
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10271
Please consider trying out the MazeRunner Community Edition, the free version of our cyber deception platform.
https://community.cymmetria.com/
文件快照
[4.0K] /data/pocs/a5436df287983a20de6378d7c20b27160a6b646c
├── [ 215] Dockerfile
├── [1.0K] LICENSE
├── [1.1K] README.md
├── [ 11] requirements.txt
├── [6.5K] weblogic_server.py
└── [4.0K] wls-wsat
├── [1.1K] 403.html
├── [1.1K] 404.html
├── [1.6K] CoordinatorPortType
├── [1.6K] CoordinatorPortType11
├── [1.6K] ParticipantPortType
├── [1.6K] ParticipantPortType11
├── [1.6K] RegistrationPortTypeRPC
├── [1.6K] RegistrationPortTypeRPC11
├── [1.7K] RegistrationRequesterPortType
└── [1.7K] RegistrationRequesterPortType11
1 directory, 15 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →