文章详情

短信预约-IT技能 免费直播动态提醒

请输入下面的图形验证码

提交验证

短信预约提醒成功

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么

2023-06-04 11:39

关注

本篇文章为大家展示了Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么,内容简明扼要并且容易理解,绝对能使你眼前一亮,通过这篇文章的详细介绍希望你能有所收获。

第一步,搭建python环境

首先访问http://www.python.org/download/去下载windows版的python,这里下载2.7.14。

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 
2.下载python2.7安装包。

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么

安装python

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

点击Next

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

点击Next,这里可以记一下“C:\Python27\”,后面配置系统环境变量

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

点击“Next”

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

等待安装完成

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么

点击Finish完成安装

 配置python环境变量,为PATH变量添加参数“C:\Python27\”

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

测试python是否安装成功,打开cmd命令输入python

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

执行python命令:print 'Hello World!' 

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 

Python环境配置完毕。

第二步,使用工具测试漏洞

首先访问https://github.com/,登陆代码托管平台Github,直接搜索关键字“CVE-2017-10271”

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 2.下载hanc00l/weblogic_wls_wsat_rce项目,解压至F盘(可以测试Linux版本)

Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么 3. 查看README的内容

  1. weblogic_wls_wsat_rce

  2. Weblogic wls-wsat组件反序列化漏洞(CVE-2017-10271)利用脚本,参考https://github.com/s3xy/CVE-2017-10271修改。

  1. 使用方法及参数

  2. python weblogic_wls_wsat_exp.py -t 172.16.80.131:7001

  3. usage: weblogic_wls_wsat_exp.py [-h] -t TARGET [-c CMD] [-o OUTPUT] [-s SHELL]

  4. optional arguments:

  5.   -h, --help            show this help message and exit

  6.   -t TARGET, --target TARGET

  7.                         weblogic ip and port(eg -> 172.16.80.131:7001)

  8.   -c CMD, --cmd CMD     command to execute,default is "id"

  9.   -o OUTPUT, --output OUTPUT

  10.                         output file name,default is output.txt

  11.   -s SHELL, --shell SHELL

  12.                         local jsp file name to upload,and set -o xxx.jsp

 4.执行命令测试:python weblogic_wls_wsat_exp.py -t targetip:port

  1. F:\weblogic_wls_wsat_rce-master>python weblogic_wls_wsat_exp.py -t 10.6.3.240:7002 -c ls

  2. Traceback (most recent call last):

  3.   File "F:\CVE-2017-10271-master\weblogic_wls_wsat_exp.py", line 3, in <module>

  4.     import requests

  5. ImportError: No module named requests

根据错误信息,需要安装requests模块,使用easy_install工具执行命令安装模块:C:\Python27\Scripts\easy_install.exe requests

  1. F:\weblogic_wls_wsat_rce-master>C:\Python27\Scripts\easy_install.exe requests

  2. Searching for requests

  3. Reading https://pypi.python.org/simple/requests/

  4. Downloading https://pypi.python.org/packages/b0/e1/eab4fc3752e3d240468a8c0b28460

  5. 7899d2fbfb236a56b7377a329aa8d09/requests-2.18.4.tar.gz#md5=081412b2ef79bdc482298

  6. 91af13f4d82

  7. Best match: requests 2.18.4

  8. Processing requests-2.18.4.tar.gz

  9. Writing

  10. ……

  11. Installing chardetect-script.py script to c:\python27\Scripts

  12. Installing chardetect.exe script to c:\python27\Scripts

  13. Installing chardetect.exe.manifest script to c:\python27\Scripts

  14. Installed c:\python27\lib\site-packages\chardet-3.0.4-py2.7.egg

  15. Finished processing dependencies for requests

  16. 再次执行命令

  17. F:\weblogic_wls_wsat_rce-master>python weblogic_wls_wsat_exp.py -t 10.6.3.240:7002 -c ls

  18. autodeploy

  19. bin

  20. config

  21. console-ext

  22. dev=null

显然,命令执行成功。

第三步,更新补丁修复漏洞

 在https://support.oracle.com上用关键字CVE-2017-10271搜索,找到2017年10月份的补丁文件并下载。【p26519424_1036_Generic.zip】

 执行打补丁操作(注意:不同的环境和本文的路径会有所不同)

  1. cams@SCT-APP:~>cd /home/cams/bea/middleware/wlserver_10.3/server/bin/

  2. cams@SCT-APP:~/bea/middleware/wlserver_10.3/server/bin>ls

  3. international  setWLSEnv.sh  startNodeManager.sh

  4. cams@SCT-APP:~/bea/middleware/wlserver_10.3/server/bin> . ./setWLSEnv.sh

  5. CLASSPATH=/home/cams/bea/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/cams/bea/middleware/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/usr/java/jdk1.6.0_45/lib/tools.jar:/home/cams/bea/middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/home/cams/bea/middleware/wlserver_10.3/server/lib/weblogic.jar:/home/cams/bea/middleware/modules/features/weblogic.server.modules_10.3.6.0.jar:/home/cams/bea/middleware/wlserver_10.3/server/lib/webservices.jar:/home/cams/bea/middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/cams/bea/middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:.:/usr/java/jdk1.6.0_45/lib/dt.jar:/usr/java/jdk1.6.0_45/lib/tools.jar

  6. PATH=/home/cams/bea/middleware/wlserver_10.3/server/bin:/home/cams/bea/middleware/modules/org.apache.ant_1.7.1/bin:/usr/java/jdk1.6.0_45/jre/bin:/usr/java/jdk1.6.0_45/bin:/usr/java/jdk1.6.0_45/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:

  7. Your environment has been set.

  8. cams@SCT-APP:~/bea/middleware/wlserver_10.3/server/bin> java weblogic.version

  9. WebLogic Server Temporary Patch for BUG22248372 Tue Nov 24 00:35:04 MST 2015

  10. WebLogic Server 10.3.6.0.12 PSU Patch for BUG20780171 THU JUN 18 15:54:42 IST 2015

  11. WebLogic Server 10.3.6.0  Tue Nov 15 08:52:36 PST 2011 1441050

  12. Use 'weblogic.version -verbose' to get subsystem information

  13. Use 'weblogic.utils.Versions' to get version information for all modules

  14. cams@SCT-APP:~/bea/middleware/wlserver_10.3/server/bin> cd /home/cams/bea/middleware/utils/bsu

  15. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -status=applied -verbose -view

  16. ProductName: WebLogic Server

  17. ProductVersion: 10.3 MP6

  18. Components: WebLogic Server/Core Application Server,WebLogic Server/Admi

  19.                    nistration Console,WebLogic Server/Configuration Wizard and

  20.                    Upgrade Framework,WebLogic Server/Web 2.0 HTTP Pub-Sub Serve

  21.                    r,WebLogic Server/WebLogic SCA,WebLogic Server/WebLogic JDBC

  22.                     Drivers,WebLogic Server/Third Party JDBC Drivers,WebLogic S

  23.                    erver/WebLogic Server Clients,WebLogic Server/WebLogic Web S

  24.                    erver Plugins,WebLogic Server/UDDI and Xquery Support,WebLog

  25.                    ic Server/Evaluation Database,WebLogic Server/Workshop Code

  26.                    Completion Support

  27. BEAHome: /home/cams/bea/middleware

  28. ProductHome: /home/cams/bea/middleware/wlserver_10.3

  29. PatchSystemDir: /home/cams/bea/middleware/utils/bsu

  30. PatchDir: /home/cams/bea/middleware/patch_wls1036

  31. Profile: Default

  32. DownloadDir: /home/cams/bea/middleware/utils/bsu/cache_dir

  33. JavaVersion: 1.6.0_29

  34. JavaVendor: Sun

  35. Patch ID: EJUW

  36. PatchContainer: EJUW.jar

  37. Checksum: 1554039558

  38. Severity: optional

  39. Category: General

  40. CR/BUG: 20780171

  41. Restart: true

  42. Description: WLS PATCH SET UPDATE 10.3.6.0.12

  43. WLS PATCH SET UPDATE 10.3.

  44.                    6.0.12

  45. Patch ID: ZLNA

  46. PatchContainer: ZLNA.jar

  47. Checksum: -894774340

  48. Severity: optional

  49. Category: Security

  50. CR/BUG: 22248372

  51. Restart: true

  52. Description: WEBLOGIC SERVER CVE-2015-4852 SECURITY ALERT PATCH (NOV 2015

  53.                    )

  54. WEBLOGIC SERVER CVE-2015-4852 SECURITY ALERT PATCH (NOV 20

  55.                    15)

  56. 上传p26519424_1036_Generic.zip至DownloadDir:/home/cams/bea/middleware/utils/bsu/cache_dir路径下,并解压

  57. cams@SCT-APP:~/bea/middleware/utils/bsu> cd cache_dir/

  58. cams@SCT-APP:~/bea/middleware/utils/bsu/cache_dir> unzip p26519424_1036_Generic.zip

  59. Archive: p26519424_1036_Generic.zip

  60.  extracting: FMJJ.jar

  61.   inflating: patch-catalog_25504.xml

  62. replace README.txt? [y]es, [n]o, [A]ll, [N]one, [r]ename: r

  63. new name: README2.txt

  64.   inflating: README2.txt

  65.   

  66. 如果不知道如何打补丁,参考文章http://blog.itpub.net/31394774/viewspace-2142526/

  67.             

  68. cams@SCT-APP:~/bea/middleware/utils/bsu/cache_dir> cd ../

  69. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -install -patch_download_dir=/home/cams/bea/middleware/utils/bsu/cache_dir/ -patchlist=FMJJ -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -verbose

  70. 检查冲突.....

  71. 检测到冲突 - 解决冲突情形并重新执行补丁程序安装

  72. 下面是冲突情形详细资料:

  73. 补丁程序 FMJJ 与以下补丁程序互相排斥且不能共存: EJUW,ZLNA

  74. 此时,需要将EJUW,ZLNA补丁卸载,使用-remove命令进行卸载。

  75. 【注意:需先卸载ZLNA,后卸载EJUW】

  76. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -remove -patchlist=EJUW -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -verbose

  77. 检查冲突......

  78. 检测到冲突 - 解决冲突情形并重新执行补丁程序删除过程

  79. 下面是冲突情形详细资料:

  80. 必须先删除下列补丁程序, 才能删除所选补丁程序: ZLNA

  81. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -remove -patchlist=ZLNA -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -verbose

  82. 检查冲突.......

  83. 未检测到冲突

  84. 开始删除补丁程序 ID: ZLNA

  85. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlthint3client.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  86. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/BUG22248372_1036.jar

  87. 更新 /home/cams/bea/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar

  88. 旧清单值: Class-Path= ../../../patch_jars/BUG22248372_1036.jar ../../../patch_jars/BUG20780171_1036012.jar ../../../patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar ../../../patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar ../../../patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxp_1.4.5.0.jar ../../../patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar

  89. 新清单值: Class-Path= ../../../patch_jars/BUG22248372_1036.jar ../../../patch_jars/BUG20780171_1036012.jar ../../../patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar ../../../patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar ../../../patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxp_1.4.5.0.jar ../../../patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar

  90. 结果: 成功

  91. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -remove -patchlist=EJUW -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -verbose

  92. 检查冲突.......

  93. 未检测到冲突

  94. 开始删除补丁程序 ID: EJUW

  95. 删除 /home/cams/bea/middleware/modules/com.bea.core.weblogic.stax_1.11.0.0.jar

  96. 删除 /home/cams/bea/middleware/wlserver_10.3/bugsfixed/WLS-PSU-bugsfixed.txt

  97. 删除 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3jmsclient.jar

  98. 删除 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/APP-INF/lib/commons-io-2.4.jar

  99. 删除 /home/cams/bea/middleware/wlserver_10.3/bugsfixed/20780171-WLS-10.3.6.0.12_PSU_WebServices-ClientSide-Configuration-README.txt

  100. 删除 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3client.jar

  101. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/APP-INF/lib/commons-fileupload.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  102. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmxclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  103. 还原 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls-schema_10.3.6.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  104. 还原 /home/cams/bea/middleware/wlserver_10.3/common/wlst/modules/jython-modules.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  105. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlthint3client.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  106. 还原 /home/cams/bea/middleware/wlserver_10.3/common/bin/wlsifconfig.sh 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  107. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlstestclient.ear 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  108. 还原 /home/cams/bea/middleware/modules/com.bea.core.utils.full_1.10.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  109. 还原 /home/cams/bea/middleware/modules/ws.databinding_1.3.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  110. 还原 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml_1.0.0.0_6-2-0-0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  111. 还原 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-2.0.war 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  112. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/schema/weblogic-domain-binding.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  113. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient+ssl.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  114. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmsclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  115. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlw-langx.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  116. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsafclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  117. 还原 /home/cams/bea/middleware/modules/com.bea.core.apache_1.3.0.1.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  118. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsaft3client.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  119. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.zip 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  120. 还原 /home/cams/bea/middleware/modules/glassfish.jstl_1.2.0.1.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  121. 还原 /home/cams/bea/middleware/modules/com.bea.core.common.security.saml2_1.0.0.0_6-2-0-0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  122. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wls-api.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  123. 还原 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-1.2.war 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  124. 还原 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jstl-1.2.war 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  125. 还原 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl.binding_1.4.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  126. 还原 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls_7.2.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  127. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-notran-adp.rar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  128. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-xa-adp.rar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  129. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/jdbcdrivers.xml 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  130. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/uddiexplorer.war 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  131. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  132. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  133. 还原 /home/cams/bea/middleware/modules/ws.databinding.plugins_1.3.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  134. 还原 /home/cams/bea/middleware/modules/com.bea.core.utils_1.10.0.0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  135. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  136. 还原 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/lib/console.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  137. 还原 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml2_1.0.0.0_6-2-0-0.jar 从 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  138. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/BUG20780171_1036012.jar

  139. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar

  140. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar

  141. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar

  142. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar

  143. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxp_1.4.5.0.jar

  144. 删除 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar

  145. 更新 /home/cams/bea/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar

  146. 旧清单值: Class-Path= ../../../patch_jars/BUG20780171_1036012.jar ../../../patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar ../../../patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar ../../../patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxp_1.4.5.0.jar ../../../patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar

  147. 新清单值: Class-Path=

  148. 结果: 成功

  149. 再次安装FMJJ补丁

  150. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -install -patch_download_dir=/home/cams/bea/middleware/utils/bsu/cache_dir/ -patchlist=FMJJ -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -verbose

  151. 检查冲突.....

  152. 未检测到冲突

  153. 开始安装补丁程序 ID: FMJJ

  154. 安装 /home/cams/bea/middleware/utils/bsu/cache_dir/FMJJ.jar

  155. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/BUG26519424_10360171017.jar

  156. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar

  157. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar

  158. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar

  159. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar

  160. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxp_1.4.5.0.jar

  161. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar

  162. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxws.rt_1.4.0.0_2-1-5.jar

  163. 解压缩 /home/cams/bea/middleware/patch_wls1036/patch_jars/glassfish.jaxws.saaj.impl_1.0.0.0_2-1-5.jar

  164. 更新 /home/cams/bea/middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar

  165. 旧清单值: Class-Path=

  166. 新清单值: Class-Path=../../../patch_jars/BUG26519424_10360171017.jar ../../../patch_jars/com.bea.core.apache.commons.fileupload_1.0.0.0_1-3-1.jar ../../../patch_jars/com.bea.core.stax2_2.0.0.0_3-0-3.jar ../../../patch_jars/glassfish.jaxb.xjc_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxb_1.2.0.0_2-1-14.jar ../../../patch_jars/glassfish.jaxp_1.4.5.0.jar ../../../patch_jars/glassfish.jaxws.mimepull_1.1.0.0_1-3-8.jar ../../../patch_jars/glassfish.jaxws.rt_1.4.0.0_2-1-5.jar ../../../patch_jars/glassfish.jaxws.saaj.impl_1.0.0.0_2-1-5.jar

  167. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/DefaultAuthorizerInit.ldift 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  168. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlstestclient.ear 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  169. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-notran-adp.rar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  170. 备份 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls-schema_10.3.6.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  171. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  172. 备份 /home/cams/bea/middleware/wlserver_10.3/common/bin/wlsifconfig.sh 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  173. 备份 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl_1.4.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  174. 备份 /home/cams/bea/middleware/modules/javax.jsf_1.1.0.0_1-2.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  175. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/schema/weblogic-domain-binding.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  176. 备份 /home/cams/bea/middleware/modules/com.bea.core.apache.commons.io_1.0.0.0_1-4.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  177. 备份 /home/cams/bea/middleware/modules/com.bea.core.apache.xalan_2.7.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  178. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/lib/console.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  179. 备份 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl.binding_1.4.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  180. 备份 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jstl-1.2.war 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  181. 备份 /home/cams/bea/middleware/wlserver_10.3/common/templates/domains/wls.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  182. 备份 /home/cams/bea/middleware/wlserver_10.3/common/wlst/modules/jython-modules.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  183. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/APP-INF/lib/commons-fileupload.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  184. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlthint3client.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  185. 备份 /home/cams/bea/middleware/modules/com.bea.core.apache.commons.collections_3.2.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  186. 备份 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-1.2.war 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  187. 备份 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls_7.2.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  188. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  189. 备份 /home/cams/bea/middleware/modules/glassfish.jstl_1.2.0.1.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  190. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  191. 备份 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl.ja_1.4.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  192. 备份 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-2.0.war 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  193. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient+ssl.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  194. 备份 /home/cams/bea/middleware/modules/com.bea.core.apache.xml.serializer_2.7.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  195. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-xa-adp.rar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  196. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/jdbcdrivers.xml 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  197. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/DefaultAuthorizerInit.ldift

  198. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlstestclient.ear

  199. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-notran-adp.rar

  200. 解压缩 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls-schema_10.3.6.0.jar

  201. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/APP-INF/lib/commons-io-2.4.jar

  202. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift

  203. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/bin/wlsifconfig.sh

  204. 解压缩 /home/cams/bea/middleware/wlserver_10.3/bugsfixed/26519424-WLS-10.3.6.0.171017_PSU_WebServices-ClientSide-Configuration-README.txt

  205. 解压缩 /home/cams/bea/middleware/wlserver_10.3/bugsfixed/WLS-PSU-bugsfixed.txt

  206. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl_1.4.0.0.jar

  207. 解压缩 /home/cams/bea/middleware/modules/javax.jsf_1.1.0.0_1-2.jar

  208. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/schema/weblogic-domain-binding.jar

  209. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.apache.commons.io_1.0.0.0_1-4.jar

  210. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.apache.xalan_2.7.0.jar

  211. 解压缩 /home/cams/bea/middleware/modules/glassfish.jsf_1.0.0.0_1-2-15.jar

  212. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/lib/console.jar

  213. 解压缩 /home/cams/bea/middleware/modules/javax.jsf_1.0.0.0_2-0.jar

  214. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl.binding_1.4.0.0.jar

  215. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jstl-1.2.war

  216. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/templates/domains/wls.jar

  217. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/wlst/modules/jython-modules.jar

  218. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/consoleapp/APP-INF/lib/commons-fileupload.jar

  219. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlthint3client.jar

  220. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/XACMLAuthorizerUpdate_62.ldift

  221. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.apache.commons.collections_3.2.0.jar

  222. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-1.2.war

  223. 解压缩 /home/cams/bea/middleware/modules/com.oracle.cie.config-wls_7.2.0.0.jar

  224. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlclient.jar

  225. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.stax2_2.0.0.0_3-0-3.jar

  226. 解压缩 /home/cams/bea/middleware/modules/glassfish.jstl_1.2.0.1.jar

  227. 解压缩 /home/cams/bea/middleware/modules/glassfish.jsf_1.0.0.0_2-0-4.jar

  228. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.jar

  229. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.descriptor.wl.ja_1.4.0.0.jar

  230. 解压缩 /home/cams/bea/middleware/wlserver_10.3/common/deployable-libraries/jsf-2.0.war

  231. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/DefaultAuthorizerUpdate_62.ldift

  232. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient+ssl.jar

  233. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.apache.xml.serializer_2.7.0.jar

  234. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/jms-xa-adp.rar

  235. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/jdbcdrivers.xml

  236. 备份 /home/cams/bea/middleware/modules/com.oracle.core.coherence.integration_1.2.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  237. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wls-api.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  238. 备份 /home/cams/bea/middleware/modules/com.bea.core.common.security.impl_1.0.0.0_6-2-0-0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  239. 备份 /home/cams/bea/middleware/modules/com.bea.core.weblogic.security.wls_1.0.0.0_6-2-0-0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  240. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.zip 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  241. 备份 /home/cams/bea/middleware/modules/ws.databinding_1.3.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  242. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/uddiexplorer.war 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  243. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  244. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsafclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  245. 备份 /home/cams/bea/middleware/modules/com.bea.core.apache_1.3.0.1.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  246. 备份 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml_1.0.0.0_6-2-0-0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  247. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlw-langx.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  248. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmxclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  249. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsaft3client.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  250. 备份 /home/cams/bea/middleware/modules/ws.databinding.plugins_1.3.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  251. 备份 /home/cams/bea/middleware/modules/com.oracle.core.weblogic.msgcat_1.2.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  252. 备份 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml2_1.0.0.0_6-2-0-0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  253. 备份 /home/cams/bea/middleware/modules/com.bea.core.descriptor_1.10.0.0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  254. 备份 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmsclient.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  255. 备份 /home/cams/bea/middleware/modules/com.bea.core.common.security.saml2_1.0.0.0_6-2-0-0.jar 至 /home/cams/bea/middleware/patch_wls1036/backup/backup.jar

  256. 解压缩 /home/cams/bea/middleware/modules/com.oracle.core.coherence.integration_1.2.0.0.jar52609.tmp

  257. 合并 /home/cams/bea/middleware/modules/com.oracle.core.coherence.integration_1.2.0.0.jar52609.tmp 与 /home/cams/bea/middleware/modules/com.oracle.core.coherence.integration_1.2.0.0.jar

  258. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wls-api.jar22088.tmp

  259. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wls-api.jar22088.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wls-api.jar

  260. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.common.security.impl_1.0.0.0_6-2-0-0.jar46334.tmp

  261. 合并 /home/cams/bea/middleware/modules/com.bea.core.common.security.impl_1.0.0.0_6-2-0-0.jar46334.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.common.security.impl_1.0.0.0_6-2-0-0.jar

  262. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.weblogic.security.wls_1.0.0.0_6-2-0-0.jar57180.tmp

  263. 合并 /home/cams/bea/middleware/modules/com.bea.core.weblogic.security.wls_1.0.0.0_6-2-0-0.jar57180.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.weblogic.security.wls_1.0.0.0_6-2-0-0.jar

  264. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.zip61185.tmp

  265. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.zip61185.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wseeclient.zip

  266. 解压缩 /home/cams/bea/middleware/modules/ws.databinding_1.3.0.0.jar30164.tmp

  267. 合并 /home/cams/bea/middleware/modules/ws.databinding_1.3.0.0.jar30164.tmp 与 /home/cams/bea/middleware/modules/ws.databinding_1.3.0.0.jar

  268. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/uddiexplorer.war61491.tmp

  269. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/uddiexplorer.war61491.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/uddiexplorer.war

  270. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient.jar25254.tmp

  271. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient.jar25254.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/webserviceclient.jar

  272. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsafclient.jar35800.tmp

  273. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsafclient.jar35800.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsafclient.jar

  274. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.apache_1.3.0.1.jar63015.tmp

  275. 合并 /home/cams/bea/middleware/modules/com.bea.core.apache_1.3.0.1.jar63015.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.apache_1.3.0.1.jar

  276. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml_1.0.0.0_6-2-0-0.jar1609.tmp

  277. 合并 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml_1.0.0.0_6-2-0-0.jar1609.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml_1.0.0.0_6-2-0-0.jar

  278. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3client.jar33270.tmp

  279. 更新 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3client.jar33270.tmp 到 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3client.jar

  280. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlw-langx.jar15576.tmp

  281. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlw-langx.jar15576.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlw-langx.jar

  282. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3jmsclient.jar29013.tmp

  283. 更新 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3jmsclient.jar29013.tmp 到 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlt3jmsclient.jar

  284. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmxclient.jar43506.tmp

  285. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmxclient.jar43506.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmxclient.jar

  286. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsaft3client.jar43891.tmp

  287. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsaft3client.jar43891.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wlsaft3client.jar

  288. 解压缩 /home/cams/bea/middleware/modules/ws.databinding.plugins_1.3.0.0.jar16566.tmp

  289. 合并 /home/cams/bea/middleware/modules/ws.databinding.plugins_1.3.0.0.jar16566.tmp 与 /home/cams/bea/middleware/modules/ws.databinding.plugins_1.3.0.0.jar

  290. 解压缩 /home/cams/bea/middleware/modules/com.oracle.core.weblogic.msgcat_1.2.0.0.jar32086.tmp

  291. 合并 /home/cams/bea/middleware/modules/com.oracle.core.weblogic.msgcat_1.2.0.0.jar32086.tmp 与 /home/cams/bea/middleware/modules/com.oracle.core.weblogic.msgcat_1.2.0.0.jar

  292. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml2_1.0.0.0_6-2-0-0.jar34414.tmp

  293. 合并 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml2_1.0.0.0_6-2-0-0.jar34414.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.bea.opensaml2_1.0.0.0_6-2-0-0.jar

  294. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.descriptor_1.10.0.0.jar20553.tmp

  295. 合并 /home/cams/bea/middleware/modules/com.bea.core.descriptor_1.10.0.0.jar20553.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.descriptor_1.10.0.0.jar

  296. 解压缩 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmsclient.jar52216.tmp

  297. 合并 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmsclient.jar52216.tmp 与 /home/cams/bea/middleware/wlserver_10.3/server/lib/wljmsclient.jar

  298. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.common.security.saml2_1.0.0.0_6-2-0-0.jar55023.tmp

  299. 合并 /home/cams/bea/middleware/modules/com.bea.core.common.security.saml2_1.0.0.0_6-2-0-0.jar55023.tmp 与 /home/cams/bea/middleware/modules/com.bea.core.common.security.saml2_1.0.0.0_6-2-0-0.jar

  300. 解压缩 /home/cams/bea/middleware/modules/com.bea.core.weblogic.stax_1.11.0.0.jar45419.tmp

  301. 更新 /home/cams/bea/middleware/modules/com.bea.core.weblogic.stax_1.11.0.0.jar45419.tmp 到 /home/cams/bea/middleware/modules/com.bea.core.weblogic.stax_1.11.0.0.jar

  302. 结果: 成功

 查看最新的补丁信息

  1. cams@SCT-APP:~/bea/middleware/utils/bsu> ./bsu.sh -prod_dir=/home/cams/bea/middleware/wlserver_10.3/ -status=applied -verbose -view

  2. ProductName: WebLogic Server

  3. ProductVersion: 10.3 MP6

  4. Components: WebLogic Server/Core Application Server,WebLogic Server/Admi

  5.                    nistration Console,WebLogic Server/Configuration Wizard and

  6.                    Upgrade Framework,WebLogic Server/Web 2.0 HTTP Pub-Sub Serve

  7.                    r,WebLogic Server/WebLogic SCA,WebLogic Server/WebLogic JDBC

  8.                     Drivers,WebLogic Server/Third Party JDBC Drivers,WebLogic S

  9.                    erver/WebLogic Server Clients,WebLogic Server/WebLogic Web S

  10.                    erver Plugins,WebLogic Server/UDDI and Xquery Support,WebLog

  11.                    ic Server/Evaluation Database,WebLogic Server/Workshop Code

  12.                    Completion Support

  13. BEAHome: /home/cams/bea/middleware

  14. ProductHome: /home/cams/bea/middleware/wlserver_10.3

  15. PatchSystemDir: /home/cams/bea/middleware/utils/bsu

  16. PatchDir: /home/cams/bea/middleware/patch_wls1036

  17. Profile: Default

  18. DownloadDir: /home/cams/bea/middleware/utils/bsu/cache_dir

  19. JavaVersion: 1.6.0_29

  20. JavaVendor: Sun

  21. Patch ID: FMJJ

  22. PatchContainer: FMJJ.jar

  23. Checksum: 591477727

  24. Severity: optional

  25. Category: General

  26. CR/BUG: 26519424

  27. Restart: true

  28. Description: WLS PATCH SET UPDATE 10.3.6.0.171017

  29. WLS PATCH SET UPDATE 10

  30.                    .3.6.0.171017

第四步,使用工具复测漏洞

 启动一个weblogic域

  1. cams@SCT-APP:~/bea/middleware/utils/bsu> cd /home/cams/bea/middleware/user_projects/domains/cams_wf/

  2. cams@SCT-APP:~/bea/middleware/user_projects/domains/cams_wf> nohup ./startWebLogic.sh >/dev/null 2>&1 &

  3. [1] 17849

  4. cams@SCT-APP:~/bea/middleware/user_projects/domains/cams_wf> netstat -nlp | grep 7006

  5. (Not all processes could be identified, non-owned process info

  6.  will not be shown, you would have to be root to see it all.)

  7. tcp        0      0 10.6.3.226:7006         0.0.0.0:* LISTEN      17902/java

  8. tcp        0      0 127.0.0.1:7006          0.0.0.0:* LISTEN      17902/java

测试RCE漏洞

  1. F:\weblogic_wls_wsat_rce-master>python weblogic_wls_wsat_exp.py -t 10.6.3.226:70

  2. 06 -c ls

  3. [-]FAIL:404 no output

从测试返回结果“FAIL:404 no output”,显然漏洞已经修复。
3.最后,由于之前操作卸载了反序列化漏洞的补丁,还需使用测试“Java反序列化漏洞”是否存在。经过测试,反序列化漏洞也已经修复。(具体测试工具也可从Github上下载)

上述内容就是Weblogic WLS组件REC漏洞CVE-2017-10271测试与修复方案是什么,你们学到知识或技能了吗?如果还想学到更多技能或者丰富自己的知识储备,欢迎关注编程网行业资讯频道。

阅读原文内容投诉

免责声明:

① 本站未注明“稿件来源”的信息均来自网络整理。其文字、图片和音视频稿件的所属权归原作者所有。本站收集整理出于非商业性的教育和科研之目的,并不意味着本站赞同其观点或证实其内容的真实性。仅作为临时的测试数据,供内部测试之用。本站并未授权任何人以任何方式主动获取本站任何信息。

② 本站未注明“稿件来源”的临时测试数据将在测试完成后最终做删除处理。有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341

软考中级精品资料免费领

  • 历年真题答案解析
  • 备考技巧名师总结
  • 高频考点精准押题
  • 2024年上半年信息系统项目管理师第二批次真题及答案解析(完整版)

    难度     813人已做
    查看
  • 【考后总结】2024年5月26日信息系统项目管理师第2批次考情分析

    难度     354人已做
    查看
  • 【考后总结】2024年5月25日信息系统项目管理师第1批次考情分析

    难度     318人已做
    查看
  • 2024年上半年软考高项第一、二批次真题考点汇总(完整版)

    难度     435人已做
    查看
  • 2024年上半年系统架构设计师考试综合知识真题

    难度     224人已做
    查看

相关文章

发现更多好内容

猜你喜欢

AI推送时光机
位置:首页-资讯-后端开发
咦!没有更多了?去看看其它编程学习网 内容吧
首页课程
资料下载
问答资讯