weblogic | 易学教程

How to acheive servicegen behavior in jwsc task?

阅读更多关于 How to acheive servicegen behavior in jwsc task?

问题 Migrating a java soap web service from 11g to 12c which has few operations. Used jwsc task to generate WSDL which generates all the input elements starting with uppercase and "ArrayOf" elements not coming along with wsdl. This behavior was good in 11g where wsdl generation happens through servicegen task, In 12c servicegen not available. Any suggestion to overcome this issue? 回答1: servicegen is from WLS 8.1 (this version had a proprietary webservices jax-rpc runtime). That runtime was removed

博客园开放API如何使用

阅读更多关于博客园开放API如何使用

业务背景: 我通过weblogic这个Java爬虫框架是能够爬取得到博客园的大多数数据，但后来得知博客园有自己的开放API，通过这个开放API可以做一些事情，比方说实现一个关于博客园文章的小程序阅读、或者想学习go、node.js、flutter或uniapp用其实现一个CMS应用。一、API KEY 申请申请地址: https://oauth.cnblogs.com/ 二、申请成功后，会发一个邮件给你，里面有ClientId和ClientSecret 三、访问博客园OpenAPI文档地址为: https://api.cnblogs.com/Help 四、验证请求一下如上图是我做了一层封装。主要封装了请求体中的clien_id、client_secret、grant_type等。基本上拿到了token，将其放到请求头中，接下来博客园开放接口都能使用(注意，是开放接口，没有开放的接口，换言之就是接口文档上没有了，就不能使用) 来源： oschina 链接： https://my.oschina.net/u/4257773/blog/4304600

内网靶机实战渗透

阅读更多关于内网靶机实战渗透

本文仅为了学习交流，自己搭建靶机环境进行测试，严禁非法使用！！！ (随笔仅为平时的学习记录，若有错误请大佬指出) 一: 内网靶机分布内网入口(攻击者和该win10在同一网段，攻击者无法访问win10虚拟机中的主机) win10 phpstudy thinkphpv5.0.24 域环境（均可以出网） win7 phpstudy uploads-lab win2003 jboss4.x漏洞 win2008 域控双网卡(其中一个网卡链接着下面的主机) 其他主机(以下主机在同一网段，不能出网，与域环境处于不同网段，只有域控可以访问以下主机) win7 Tomcat win2008 Mssql win2003 win2012 weblogic 攻击思路: 拿下存下ThinkPhp漏洞的主机-开启socks代理进入内网-通过uploads-lab上传webshell拿下win7-通过weblogic漏洞拿下win2012dc-通过jboss4.x漏洞拿下win2003-通过MS14-068漏洞拿下域控-添加第二个网卡的路由-通过Tomcat漏洞拿下win7-解密win7的数据库密码拿下win2008权限-获取win2008的远程连接凭证拿下win2003-拿下全部主机二:(Cobalt Strike3.14简称CS，Msfconsole简称MSF) 访问win10的web服务

WebLogic Bridge Message: “Failure of Web Server bridge: No backend server available for connection…”

阅读更多关于 WebLogic Bridge Message: “Failure of Web Server bridge: No backend server available for connection…”

问题 I have an application (packaged software from a vendor) that runs on Oracle WebLogic. There are few operations that, if I try them, I consistently get the following error page: (WebLogic Bridge Message) Failure of Web Server bridge: No backend server available for connection: timed out after 10 seconds or idempotent set to OFF or method not idempotent. The error occurs consistently almost exactly five minutes after I try the operation. The page does not look like the typical error page you

Weblogic uses configured keystore even if the TrustManager accepting all certs is configured for SSLContext

阅读更多关于 Weblogic uses configured keystore even if the TrustManager accepting all certs is configured for SSLContext

问题 I'm using WebLogic 12.2.1.3.0 and JDK8 to run following part of code in my PoC application deployed. Application uses weblogic.net.http.HttpsURLConnection client class: import java.net.URL; import java.net.URLEncoder; import java.security.Provider; import java.security.cert.X509Certificate; import javax.net.ssl.SSLSession; import weblogic.net.http.HttpURLConnection; import weblogic.net.http.HttpsURLConnection; import weblogic.security.SSL.HostnameVerifier; import weblogic.security.SSL

Weblogic uses configured keystore even if the TrustManager accepting all certs is configured for SSLContext

阅读更多关于 Weblogic uses configured keystore even if the TrustManager accepting all certs is configured for SSLContext

How to disable admin port in weblogic without weblogic console?

阅读更多关于 How to disable admin port in weblogic without weblogic console?

问题 I enabled 'admin port' on weblogic and configured Two-Way SSL to 'Client Certs Requested And Enforced' and now I can't have access to weblogic console through admin port, I wanna use normal port by 7001 but I can't: Console/Management requests or requests with specified to 'true' can only be made through an administration channel How can I disable admin port through WLST or config file? 回答1: Easily you should change one property on config file find config.xml file on DOMAIN-HOME\config

How to disable admin port in weblogic without weblogic console?

阅读更多关于 How to disable admin port in weblogic without weblogic console?

Migrating from Weblogic 11 to Weblogic 12, getting ClassNotFoundException

阅读更多关于 Migrating from Weblogic 11 to Weblogic 12, getting ClassNotFoundException

问题 We are migrating an Application consisting of several ear files from Weblogic 11 to Weblogic 12. Three of the ear files are running well, when we deploy the 4th it throws a ClassNotFoundException on startup. Two of the three running ears aren’t important in this regard. So, the situation is that A.ear runs fine, B.ear fails to start. B.ears pom.xml refers to a module of A.ear as dependency with provided and ejb-client, and using maven-ear-plugin it refers to the module as ejbClientModule. Due

Weblogic漏洞利用

阅读更多关于 Weblogic漏洞利用

Weblogic漏洞 Weblogic任意文件上传（CVE-2018-2894）受影响版本 weblogic 10.3.6.0、weblogic 12.1.3.0、weblogic 12.2.1.2、weblogic 12.2.1.3。漏洞存在前提后台base_domain设置中启用web服务测试页利用漏洞方法访问 http://xxx.com/ws_utc/config.do 设置Work Home Dir为 /u01/oracle/user_projects/domains/base_domain/servers/AdminServer/tmp/_WL_internal/com.oracle.webservices.wls.ws-testclient-app-wls/4mcj4y/war/css 将目录设置为ws_utc应用的静态文件css目录，访问这个目录是无需权限的，然后提交。点击"安全"，添加，弹出登录框，点击“浏览”上传webshell并抓包找到响应包中的时间戳访问http://xxx.com/ws_utc/css/config/keystore/[时间戳]_[文件名]，即可执行webshell Weblogic反序列化 (CVE-2017-10271) 受影响版本 10.3.6.0.0，12.1.3.0.0，12.2.1.1.0，12.2.1.2.0

订阅 weblogic