399532154d
Fix a git snafu when landing #11131
...
While landing PR #11131 , I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.
This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
2019-03-26 17:54:37 -05:00
26b67bbf91
Fix two-byte error, add randomization, T3 notes from @acamro
2019-03-26 16:45:17 -05:00
5f5d475c2e
Add expected traceback error to documentation
2019-03-26 16:44:45 -05:00
0f9a796d2f
Reverse engineered JSOs, used new ysoserial functionality
2019-02-20 14:28:09 -06:00
a10a5e74c4
Use of send_request_cgi instead of raw socket(incomplete responses) and other small fixes
2018-12-17 15:10:36 -08:00
48df4be54e
Improvements on code quality and documentation
2018-12-16 12:47:52 -08:00
8ce7643e41
Some improvements in code and documentation.
2018-12-15 21:07:53 -08:00
4c14642b99
Update modules/exploits/multi/misc/weblogic_deserialize_rawobject.rb
...
Co-Authored-By: acamro <acamro@users.noreply.github.com >
2018-12-15 23:23:23 -05:00
8dfd8aa4cd
Update modules/exploits/multi/misc/weblogic_deserialize_rawobject.rb
...
Co-Authored-By: acamro <acamro@users.noreply.github.com >
2018-12-15 23:23:14 -05:00
826c93ff8a
Sintax error in an elseif
2018-12-15 19:41:35 -08:00
25a447fa35
Removed line at the end of file (to pass all tests)
2018-12-15 19:21:37 -08:00
82db6025c9
Some fixes to pass msftidy.
2018-12-15 18:32:17 -08:00
446144ba8e
Metasploit module for CVE 2015-4852, Weblogic serialization RCE Raw Object
2018-12-15 18:26:34 -08:00
asoto-r7