WebLogic
WebLogic is Oracle's application server. There are currently no known vulnerabilities that result in unauthenticated remote command execution and no default credentials. The administrative login page is protected by an account lockout feature by default, making brute-force password guessing attempts unlikely to succeed.
In the event that WebLogic credentials are obtained by some means, it is possible to use the administrative interface to gain remote command execution on the server. The administrative console can be found at:
http(s)://<host>:7001/console
Clusterd contains modules to deploy to WebLogic when credentials are known. The syntax is the same as for the other platforms, where shell.war is generated with the clusterd --gen-payload module (as described above):
sudo python clusterd.py --deploy shell.war --deployer web_deploy -i localhost -p 7001 -a weblogic
Deployment may also be performed manually from within the WebLogic administrative console by uploading and invoking the WAR file.
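Because console access with valid credentials leads to code execution, requests to /console from outside the administration network are worth reviewing. The following is an added example, not part of the original page or of clusterd: it scans an HTTP access log for such requests and counts login submissions per client. It assumes the log is in Common Log Format, that the console's form login posts to /console/j_security_check, and that ADMIN_NETS (a hypothetical value) lists the networks allowed to administer the server.

```python
import ipaddress
import re

# Common Log Format: host ident user [time] "METHOD path proto" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

# Assumption: networks that are allowed to reach the administrative console.
ADMIN_NETS = [ipaddress.ip_network("10.0.5.0/24")]

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
10.0.5.12 - - [12/Mar/2024:09:14:02 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 3312
10.0.5.12 - - [12/Mar/2024:09:14:09 +0000] "POST /console/j_security_check HTTP/1.1" 302 0
192.0.2.44 - - [12/Mar/2024:11:40:51 +0000] "GET /console HTTP/1.1" 302 0
192.0.2.44 - - [12/Mar/2024:11:40:55 +0000] "POST /console/j_security_check HTTP/1.1" 302 0
192.0.2.44 - - [12/Mar/2024:11:41:03 +0000] "POST /console/j_security_check HTTP/1.1" 302 0
198.51.100.7 - - [12/Mar/2024:12:02:17 +0000] "GET /app/index.jsp HTTP/1.1" 200 812
not a log line
"""

def is_admin_client(host, admin_nets):
    """True only if host is an IP address inside one of admin_nets."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # logged as a hostname: treat as outside the admin nets
    return any(addr in net for net in admin_nets)

def audit_console_access(lines, admin_nets=ADMIN_NETS):
    """Return {client: {"requests": n, "login_posts": n}} for console
    requests that came from outside admin_nets."""
    hits = {}
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in Common Log Format
        host, method, path, _status = m.groups()
        path = path.split("?", 1)[0]
        if path != "/console" and not path.startswith("/console/"):
            continue
        if is_admin_client(host, admin_nets):
            continue
        entry = hits.setdefault(host, {"requests": 0, "login_posts": 0})
        entry["requests"] += 1
        if method == "POST" and path.endswith("/j_security_check"):
            entry["login_posts"] += 1
    return hits

if __name__ == "__main__":
    for client, stats in audit_console_access(SAMPLE_LOG.splitlines()).items():
        print(client, stats)
```
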