-
Notifications
You must be signed in to change notification settings - Fork 3
/
WeblogicScan.py
117 lines (99 loc) · 3.26 KB
/
WeblogicScan.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/usr/bin/env python
# _*_ coding:utf-8 _*_
'''
____ _ _ _ _ __ __ _
| _ \ __ _| |__ | |__ (_) |_| \/ | __ _ ___| | __
| |_) / _` | '_ \| '_ \| | __| |\/| |/ _` / __| |/ /
| _ < (_| | |_) | |_) | | |_| | | | (_| \__ \ <
|_| \_\__,_|_.__/|_.__/|_|\__|_| |_|\__,_|___/_|\_\
'''
import sys
import poc.Console
import poc.CVE_2014_4210
import poc.CVE_2016_0638
import poc.CVE_2016_3510
import poc.CVE_2017_3248
import poc.CVE_2017_3506
import poc.CVE_2017_10271
import poc.CVE_2018_2628
import poc.CVE_2018_2893
import poc.CVE_2018_2894
import poc.CVE_2019_2725
version = "1.2"
banner='''
__ __ _ _ _ ____
\ \ / /__| |__ | | ___ __ _(_) ___ / ___| ___ __ _ _ __
\ \ /\ / / _ \ '_ \| |/ _ \ / _` | |/ __| \___ \ / __/ _` | '_ \
\ V V / __/ |_) | | (_) | (_| | | (__ ___) | (_| (_| | | | |
\_/\_/ \___|_.__/|_|\___/ \__, |_|\___| |____/ \___\__,_|_| |_|
|___/
By Tide_RabbitMask | V {}
'''.format(version)
def PocS(rip,rport):
print('[*]Console path test begins...')
try:
poc.Console.run(rip, rport)
except:
print ("[-]Target Weblogic console address not found.")
print('[*]CVE_2014_4210 test begins...')
try:
poc.CVE_2014_4210.run(rip, rport)
except:
print ("[-]CVE_2014_4210 not detected.")
print('[*]CVE_2016_0638 test begins...')
try:
poc.CVE_2016_0638.run(rip, rport, 0)
except:
print ("[-]CVE_2016_0638 not detected.")
print('[*]CVE_2016_3510 test begins...')
try:
poc.CVE_2016_3510.run(rip, rport, 0)
except:
print ("[-]CVE_2016_3510 not detected.")
print('[*]CVE_2017_3248 test begins...')
try:
poc.CVE_2017_3248.run(rip, rport, 0)
except:
print ("[-]CVE_2017_3248 not detected.")
print('[*]CVE_2017_3506 test begins...')
try:
poc.CVE_2017_3506.run(rip, rport, 0)
except:
print ("[-]CVE_2017_3506 not detected.")
print('[*]CVE_2017_10271 test begins...')
try:
poc.CVE_2017_10271.run(rip, rport, 0)
except:
print("[-]CVE_2017_10271 not detected.")
print('[*]CVE_2018_2628 test begins...')
try:
poc.CVE_2018_2628.run(rip, rport, 0)
except:
print("[-]CVE_2018_2628 not detected.")
print('[*]CVE_2018_2893 test begins...')
try:
poc.CVE_2018_2893.run(rip, rport, 0)
except:
print("[-]CVE_2018_2893 not detected.")
print('[*]CVE_2018_2894 test begins...')
try:
poc.CVE_2018_2894.run(rip, rport, 0)
except:
print("[-]CVE_2018_2894 not detected.")
print('[*]CVE_2019_2725 test begins...')
try:
poc.CVE_2019_2725.run(rip, rport, 0)
except:
print("[-]CVE_2019_2725 not detected.")
print ("[*]The mission is over,the goal is {}:{}".format(rip,rport))
def run():
print(banner)
print('Welcome To WeblogicScan !!')
if len(sys.argv)<3:
print('Usage: python WeblogicScan [IP] [PORT]')
else:
url = sys.argv[1]
port = int(sys.argv[2])
PocS(url,port)
if __name__ == '__main__':
run()