kkirsche / CVE-2017-10271

Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)
Apache License 2.0

Other vulnerable URLs #6

Closed syrius01 closed 6 years ago

syrius01 commented 6 years ago

Hi,

I would like to thank you for the nice feature you recently added quickly after my request (the threads feature on the scanner). I'm opening this request in order to ask:

Are you aware of any Oracle systems running WebLogic that might not be vulnerable at the default URL (hxxp://oracle-host:7001/wls-wsat/CoordinatorPortType) but might be vulnerable at others like:

- /wls-wsat/CoordinatorPortType11
- /wls-wsat/ParticipantPortType
- /wls-wsat/ParticipantPortType11
- /wls-wsat/RegistrationPortTypeRPC
- /wls-wsat/RegistrationPortTypeRPC11
- /wls-wsat/RegistrationRequesterPortType
- /wls-wsat/RegistrationRequesterPortType11

If so, it would be awesome to add these URLs into the scanner to see if some forgotten servers would need the patch applied.

Thanks for your time.

kkirsche commented 6 years ago

I haven’t seen that, but it’s certainly possible with incorrect firewall or WAF rules that are doing URL specific blocks rather than port level.

The other thing to note is that it’s not necessarily just port 7001, as it’s trivial to change the port.

Shouldn’t be too hard to add in the additional URL checks with a flag. May also add an option to scan all ports on hosts. Do you think that’d be useful or just generate way too much traffic for the value?

syrius01 commented 6 years ago

Would be definitely useful! So far the common ports I've found for WebLogic were: 7001, 7002, 9001, 8001, 9000, 7777 and of course 80, 443, 8080.

Thanks again for your support!

kkirsche commented 6 years ago

Other vulnerable URL support has been added beneath the -u / --all-urls flag. Closing this and will open a new issue for multi-port support.
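The situation discussed in this thread (a firewall or WAF rule that blocks only the default /wls-wsat/CoordinatorPortType path while the other WLS-WSAT endpoints stay reachable, on any of the ports syrius01 lists) can be checked from the defender's side with an inventory script like the one below. This is an added example, not code from the kkirsche/CVE-2017-10271 project: it sends plain GET requests and no exploit payload, and only reports which endpoints answer so that servers still needing the patch, or a port-level block instead of a URL-level one, can be found. The host name `weblogic.example.test`, the `SAMPLE_RESPONSES` map and `sample_fetch` are constructed so the check runs offline; the response classification (200 = wls-wsat application deployed and reachable, 401/403 = filtered by a URL-specific rule, 404 = not deployed, no answer = port closed) is an assumption about typical WebLogic and WAF behaviour.

```python
# Added example (not part of the kkirsche/CVE-2017-10271 project): defender-side
# inventory of exposed WebLogic WLS-WSAT endpoints. It checks every endpoint path
# named in the issue on every commonly used WebLogic port and flags hosts where
# the default path is filtered but an alternative path still answers.
from typing import Callable, Dict, List, Optional
import urllib.error
import urllib.request

# Default endpoint plus the alternative endpoints listed in the issue.
WLS_WSAT_PATHS: List[str] = [
    "/wls-wsat/CoordinatorPortType",
    "/wls-wsat/CoordinatorPortType11",
    "/wls-wsat/ParticipantPortType",
    "/wls-wsat/ParticipantPortType11",
    "/wls-wsat/RegistrationPortTypeRPC",
    "/wls-wsat/RegistrationPortTypeRPC11",
    "/wls-wsat/RegistrationRequesterPortType",
    "/wls-wsat/RegistrationRequesterPortType11",
]

# Ports the reporter lists as common for WebLogic.
COMMON_PORTS: List[int] = [7001, 7002, 9001, 8001, 9000, 7777, 80, 443, 8080]


def build_urls(host: str, ports: List[int] = COMMON_PORTS) -> List[str]:
    """Every host:port/path combination worth checking for one host."""
    return [
        f"{'https' if port == 443 else 'http'}://{host}:{port}{path}"
        for port in ports
        for path in WLS_WSAT_PATHS
    ]


def http_status(url: str, timeout: float = 5.0) -> Optional[int]:
    """Plain GET; returns the HTTP status, or None when the port does not answer."""
    req = urllib.request.Request(url, headers={"User-Agent": "wls-wsat-inventory"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code
    except (urllib.error.URLError, OSError):
        return None


def assess(host: str, ports: List[int] = COMMON_PORTS,
           fetch: Callable[[str], Optional[int]] = http_status) -> Dict[str, object]:
    """Classify each endpoint of one host.

    Assumption: a deployed wls-wsat application answers GET with 200, a URL-specific
    WAF/firewall rule answers 401/403, 404 means not deployed, None means port closed.
    """
    deployed: List[str] = []
    blocked: List[str] = []
    for url in build_urls(host, ports):
        status = fetch(url)
        if status == 200:
            deployed.append(url)
        elif status in (401, 403):
            blocked.append(url)
    return {
        "deployed": deployed,
        "blocked": blocked,
        # The case the issue asks about: the default URL is filtered, an alternative is not.
        "partial_block": bool(deployed) and bool(blocked),
    }


# Constructed sample responses so the check can be exercised offline:
# port 7001 filters only the default path; every other port is closed.
SAMPLE_RESPONSES: Dict[str, int] = {
    "http://weblogic.example.test:7001/wls-wsat/CoordinatorPortType": 403,
    "http://weblogic.example.test:7001/wls-wsat/CoordinatorPortType11": 200,
    "http://weblogic.example.test:7001/wls-wsat/ParticipantPortType": 200,
}


def sample_fetch(url: str) -> Optional[int]:
    """Offline stand-in for http_status backed by the constructed SAMPLE_RESPONSES."""
    if url in SAMPLE_RESPONSES:
        return SAMPLE_RESPONSES[url]
    return 404 if ":7001/" in url else None


if __name__ == "__main__":
    result = assess("weblogic.example.test", fetch=sample_fetch)
    for url in result["deployed"]:
        print("reachable:", url)
    for url in result["blocked"]:
        print("blocked:  ", url)
    print("URL-specific block only:", result["partial_block"])
```

Against a real host, call `assess(host)` with the default `fetch`; a result with `partial_block` set to True is exactly the misconfiguration kkirsche describes, and the right fix is to patch the server or block the port rather than to extend the URL filter.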