CVE-2023-21839

This PoC exploits CVE-2023-21839, a JNDI injection vulnerability in Oracle WebLogic Server, by binding a malicious ForeignOpaqueReference object to trigger an LDAP lookup. It leverages reflection to manipulate JNDI environment variables and execute arbitrary code via a remote LDAP server.

This repository contains a Go-based exploit for CVE-2023-21839, a remote code execution vulnerability in Oracle WebLogic Server. The exploit leverages IIOP/T3 protocol manipulation to achieve RCE without requiring Java dependencies, and includes NAT traversal capabilities.

This is a working PoC for CVE-2024-20931, a bypass of the patch for CVE-2023-21839 in Oracle WebLogic. It exploits a JNDI injection vulnerability to achieve remote code execution by leveraging a malicious LDAP server.

This repository provides an analysis of CVE-2023-21839, a vulnerability in Oracle WebLogic Server related to JNDI lookup/list operations over t3/iiop protocols. It includes call stack details and mentions a tool for exploitation but does not contain actual exploit code.

This PoC exploits CVE-2023-21839, a deserialization vulnerability in Oracle WebLogic Server, by sending crafted T3 protocol messages to achieve remote code execution. The script interacts with the target server to extract keys and inject malicious LDAP references.

This repository contains a GUI-based tool for testing and exploiting CVE-2023-21839 (WebLogic RCE), CVE-2022-39197 (CobaltStrike RCE), and CVE-2023-28432 (MinIO info leak). It includes functional PoC code for WebLogic RCE via JNDI injection and CobaltStrike RCE via Frida-based process manipulation.

This repository contains a Metasploit auxiliary module for scanning Oracle WebLogic servers vulnerable to CVE-2023-21839, an information disclosure vulnerability that can lead to RCE. The module checks the WebLogic version and attempts to verify exploitation via DNS logging.

This Metasploit module exploits CVE-2023-21839, an unauthenticated RCE vulnerability in Oracle WebLogic via IIOP deserialization of a ForeignOpaqueReference object, leading to JNDI injection and arbitrary code execution as the 'oracle' user.