Oracle Application Testing Suite WebLogic Server Administration Console War Deployment
Posted by deepcore on May 29, 2019 – 9:30 am
This Metasploit module abuses a feature in WebLogic Server’s Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a “oats” account that you could log in with, which grants you administrator access.
Post a reply
You must be logged in to post a comment.