CVE-2018-2879 PoC — Oracle Fusion Middleware Access Manager component security vulnerability

Source
Associated Vulnerability
Title: Oracle Fusion Middleware Access Manager component security vulnerability (CVE-2018-2879)
Description: Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to My Oracle Support Note 2386496.1 (http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1) for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
Description
Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)
Readme
# OAMBuster
Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)

## Authors
[Red Timmy](http://www.redtimmy.com) (Marco Ortisi, Stefan Broeder, Ahmad Mahfouz)

## Description
This multithreaded exploit was developed to greatly increase the speed of the attack compared to the single-threaded version.
For more information about the technical details of the attack, see this blog post by SEC Consult:

https://sec-consult.com/en/blog/2018/05/oracle-access-managers-identity-crisis/


![Screenshot of OAMBuster](https://redtimmysec.files.wordpress.com/2019/04/screenshot_oambuster.png)

The first two stages will quickly verify whether the website is vulnerable to the attack. 
Stage 3 will launch the multithreaded Padding Oracle attack.

## More information
Please adjust the `valid_padding()` function to catch the error that is returned from a padding failure in your environment.

For more information about the exploit and our trainings on advanced Java attacks, see [RedTimmy.com](http://www.redtimmy.com)
File Snapshot

[4.0K] /data/pocs/a7732f621994c7c5f86a1f057b17b9d068b1fe4e
├── [ 15K] oambuster.py
└── [1.0K] README.md

0 directories, 2 files