Shulou(Shulou.com)06/01 Report--

Weblogic uses a few tips to share:

When you obtain server permissions through deserialization, you may sometimes need to verify the vulnerability. When you view the amount of data in the database, you need to upload webshell or use the background deployment war package. You can use the following tips

View the config/config.xml file, which contains weblogic configuration information, such as site deployment path, background login username and password, port number, etc.

Use cat. / config/config.xml under Linux

Use cmd.exe / c type config\ config.xml under Windows

Site path information

After getting the site path, you can write webshell remotely to enter and then get the information on the server and connect to the database more easily.

Find the login password of weblogic background. The user name and password information are placed in config/config.xml, but usually the password is encrypted and stored. As shown in figure 1, it needs to be decrypted with the SerializedSystemIni.dat file located in\ user_projects\ domains\ APPNAME\ security\

Download the file and use the tool to decrypt it

Tips for downloading the file, you can copy the file to the web path and rename the suffix, such as exe, etc., download it locally and crack it

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.