WebLogicÔ¶³ÌBlind XXE¸ßΣÎó²î ÈËÉú¾ÍÊDz©Ìṩ½â¾ö¼Æ»®

Ðû²¼Ê±¼ä 2019-04-19
WebLogicÊÇOracle¹«Ë¾³öÆ·µÄÒ»¸ö»ùÓÚJAVAEE¼Ü¹¹µÄÖÐÐļþ£¬£¬£¬£¬£¬£¬WebLogicÊÇÓÃÓÚ¿ª·¢¡¢¼¯³É¡¢°²ÅźÍÖÎÀí´óÐÍÂþÑÜʽWebÓ¦Óá¢ÍøÂçÓ¦ÓúÍÊý¾Ý¿âÓ¦ÓõÄJavaÓ¦ÓÃЧÀÍÆ÷¡£¡£¡£¡£

2019Äê4ÔÂ17ÈÕ£¬£¬£¬£¬£¬£¬Oracle¹Ù·½Ðû²¼4Ô·ÝÇå¾²²¹¶¡, ²¹¶¡ÖаüÀ¨ÈËÉú¾ÍÊDz©ADLab·¢Ã÷²¢µÚһʱ¼äÌá½»¸øOracle¹Ù·½µÄWebLogic Blind XXEÎó²î£¬£¬£¬£¬£¬£¬Îó²î±àºÅΪCVE-2019-2647¡£¡£¡£¡£Ê¹ÓøÃÎó²î£¬£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔÔÚδÊÚȨµÄÇéÐÎϽ«payload·â×°ÔÚT3ЭÒéÖУ¬£¬£¬£¬£¬£¬Í¨¹ý¶ÔT3ЭÒéÖеÄpayload¾ÙÐз´ÐòÁл¯£¬£¬£¬£¬£¬£¬´Ó¶øÊµÏÖ¶Ô±£´æÎó²îµÄWebLogic×é¼þ¾ÙÐÐÔ¶³ÌBlind XXE¹¥»÷¡£¡£¡£¡£¸ÃÎó²îÓ°Ïì¹æÄ£ÆÕ±é£¬£¬£¬£¬£¬£¬½¨Òé¿í´óÓû§ÊµÊ±½ÓÄÉÓ¦¶Ô²½·¥£¬£¬£¬£¬£¬£¬ÒÔÃâÔâÊܺڿ͹¥»÷¡£¡£¡£¡£

ÏêϸÄÚÈݿɲο¼ADLabÆÊÎö£º
https://mp.weixin.qq.com/s/ded-kzmApHk_EsJakeSwpg

Îó²îÓ°Ïì°æ±¾


WebLogic 10.3.6.0
WebLogic 12.1.3.0
WebLogic 12.2.1.2
WebLogic 12.2.1.3
 

Îó²îÑéÖ¤


²âÊÔÇéÐΣº
WebLogic Server 10.3.6.0£¨´ò²¹p28343311_1036_Generic£©
Îó²îʹÓÃЧ¹û£º

ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø
 

½â¾ö¼Æ»®


1¡¢¹Ù·½½¨Òé


? Éý¼¶²¹¶¡


Oracle¹Ù·½¸üÐÂÁ´½ÓµØµã£º
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html¡£¡£¡£¡£

? ¿ØÖÆT3ЭÒéµÄ»á¼û


WebLogic Blind XXEÎó²î±¬·¢ÓÚWebLogicµÄT3ЧÀÍ£¬£¬£¬£¬£¬£¬Òò´Ë¿Éͨ¹ý¿ØÖÆT3ЭÒéµÄ»á¼ûÀ´ÔÝʱ×è¶ÏÕë¶Ô¸ÃÎó²îµÄ¹¥»÷¡£¡£¡£¡£µ±¿ª·ÅWebLogic¿ØÖÆÌ¨¶Ë¿Ú£¨Ä¬ÒÔΪ7001¶Ë¿Ú£©Ê±£¬£¬£¬£¬£¬£¬T3ЧÀÍ»áĬÈÏ¿ªÆô¡£¡£¡£¡£

£¨1£©½øÈëWebLogic¿ØÖÆÌ¨£¬£¬£¬£¬£¬£¬ÔÚbase_domainÉèÖÃÒ³ÃæÖУ¬£¬£¬£¬£¬£¬½øÈëÇ徲ѡÏî¿¨Ò³Ãæ£¬£¬£¬£¬£¬£¬µã»÷ɸѡÆ÷£¬£¬£¬£¬£¬£¬ÉèÖÃɸѡÆ÷¡£¡£¡£¡£

£¨2£©ÔÚÅþÁ¬É¸Ñ¡Æ÷ÖÐÊäÈ룺weblogic.security.net.ConnectionFilterImpl£¬£¬£¬£¬£¬£¬ÔÚÅþÁ¬É¸Ñ¡Æ÷¹æÔòÖÐÊäÈ룺127.0.0.1 * * allow t3 t3s£¬£¬£¬£¬£¬£¬0.0.0.0/0 * * deny t3 t3s(t3ºÍt3sЭÒéµÄËùÓж˿ÚÖ»ÔÊÐíÍâµØ»á¼û)¡£¡£¡£¡£

£¨3£©ÉúÑĺóÐèÖØÐÂÆô¶¯£¬£¬£¬£¬£¬£¬¹æÔò·½¿ÉÉúЧ¡£¡£¡£¡£


2¡¢Îó²îɨÃè


ÈËÉú¾ÍÊDz©Ì쾵ųÈõÐÔɨÃèÓëÖÎÀíϵͳV6.0ÓÚ2019Äê4ÔÂ18ÈÕ½ôÆÈÐû²¼Õë¶Ô¸ÃÎó²îµÄÉý¼¶°ü£¬£¬£¬£¬£¬£¬Ö§³Ö¶Ô¸ÃÎó²î¾ÙÐмì²â£¬£¬£¬£¬£¬£¬Óû§Éý¼¶Ì쾵©ɨ²úÆ·Îó²î¿âºó¼´¿É¶Ô¸ÃÎó²î¾ÙÐÐɨÃè¡£¡£¡£¡£6070°æ±¾Éý¼¶°üΪ607000214£¬£¬£¬£¬£¬£¬Éý¼¶°üÏÂÔØµØµã£º
/article/type/1/146.html

ÇëÌ쾵ųÈõÐÔɨÃèÓëÖÎÀíϵͳV6.0²úÆ·µÄÓû§¾¡¿ìÉý¼¶µ½×îа汾£¬£¬£¬£¬£¬£¬ÊµÊ±¶Ô¸ÃÎó²î¾ÙÐмì²â£¬£¬£¬£¬£¬£¬ÒԱ㾡¿ì½ÓÄÉÌá·À²½·¥¡£¡£¡£¡£

ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø

 
3¡¢²úÆ·¼ì²âÓë·À»¤


ÒѰ²ÅÅÈËÉú¾ÍÊDz©IDS¡¢IPS¡¢WAF²úÆ·µÄ¿Í»§ÇëÈ·ÈÏÈçÏÂÊÂÎñ¹æÔòÒѾ­Ï·¢²¢Ó¦Ó㬣¬£¬£¬£¬£¬¼´¿ÉÓÐÓüì²â»ò×è¶Ï¹¥»÷¡£¡£¡£¡£

HTTP_Weblogic_í§ÒâÎļþ¶ÁÈ¡Îó²î[CVE-2019-2615]
HTTP_WebLogic_í§ÒâÎļþÉÏ´«Îó²î[CVE-2019-2618]
HTTP_WebLogic_Blind_XXE×¢ÈëÎó²î[CVE-2019-2647]