Emulating and Exploiting Oracle WebLogic Server for PCap Analysis (CVE-2023-21839)

ID: 2ca807b7-0c7e-53ff-bc25-6f918925bb4e

STIX ID: report--2ca807b7-0c7e-53ff-bc25-6f918925bb4e

Feed Name: GreyNoise Labs

Threat Score: 75/100

Date Published: 2023-04-21

Date Updated: 2026-04-27

Author: h0wdy


This report documents a practical test and packet-level analysis of CVE-2023-21839 against Oracle WebLogic Server. It describes the target and attacker VM setup and how to run a Go PoC and JNDI-Exploit-Kit to achieve remote command execution (demonstrated by spawning calc). It also provides a PCAP showing a distinctive ForeignOpaqueReference request over GIOP that can be used to detect exploitation attempts.
