JNDI-Injection-Exploit-Plus
JNDI-Injection-Exploit-Plus copied to clipboard
cckuailong
exec on atacker.
hi. command execute on ataker machine (weblogic10 gadjet), then generate payload...:
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at jndi.CommonDeserial.execByDeserialize(CommonDeserial.java:25)
at run.ServerStart.main(ServerStart.java:113)
Caused by: [Error: java.lang.Runtime.getRuntime().exec("nslookup test.com"): Cannot run program "nslookup": error=2, No such file or directory]
[Near : {... java.lang.Runtime.getRuntime() ....}]
^
[Line: 1, Column: 1]
at com.tangosol.coherence.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.compileGetChain(ReflectiveAccessorOptimizer.java:435)
at com.tangosol.coherence.mvel2.optimizers.impl.refl.ReflectiveAccessorOptimizer.optimizeAccessor(ReflectiveAccessorOptimizer.java:163)
at com.tangosol.coherence.mvel2.optimizers.dynamic.DynamicOptimizer.optimizeAccessor(DynamicOptimizer.java:80)
at com.tangosol.coherence.mvel2.ast.ASTNode.optimize(ASTNode.java:159)
