weblogic 漏洞扫描工具

weblogic 漏洞扫描工具
2022-11-16 08:11:50 Author: 系统安全运维(查看原文) 阅读量:38 收藏

目前可检测漏洞编号有（部分非原理检测，需手动验证）：

weblogic administrator console
CVE-2014-4210
CVE-2016-0638
CVE-2016-3510
CVE-2017-3248
CVE-2017-3506
CVE-2017-10271
CVE-2018-2628
CVE-2018-2893
CVE-2018-2894
CVE-2018-3191
CVE-2018-3245
CVE-2018-3252
CVE-2019-2618
CVE-2019-2725
CVE-2019-2729
CVE-2019-2890
CVE-2020-2551
CVE-2020-14882
CVE-2020-14883

大佬可自己加最新poc。
使用环境：

python >= 3.6

进入项目目录，使用以下命令安装依赖库

$ pip3 install requests

使用说明：

usage: ws.py [-h] -t TARGETS [TARGETS ...] -v VULNERABILITY             [VULNERABILITY ...] [-o OUTPUT]
optional arguments:  -h, --help            帮助信息  -t TARGETS [TARGETS ...], --targets TARGETS [TARGETS ...]                        直接填入目标或文件列表（默认使用端口7001）. 例子：                        127.0.0.1:7001  -v VULNERABILITY [VULNERABILITY ...], --vulnerability VULNERABILITY [VULNERABILITY ...]                        漏洞名称或CVE编号，例子："weblogic administrator console"  -o OUTPUT, --output OUTPUT                        输出 json 结果的路径。默认不输出结果  -s, --ssl             强制使用 https 协议请求

示例：

(venv) ~/weblogicScanner$ python ws.py -t 192.168.124.129[23:03:04][INFO] [*][Weblogic Console][192.168.56.129:7001] Start...[23:03:04][INFO] [+][Weblogic Console][192.168.56.129:7001] Found module![23:03:04][INFO] [*][Weblogic Console][192.168.56.129:7001] Please verify manually![23:03:04][INFO] [*][CVE-2014-4210][192.168.56.129:7001] Start...[23:03:04][INFO] [-][CVE-2014-4210][192.168.56.129:7001] Not found.[23:03:04][INFO] [*][CVE-2016-0638][192.168.56.129:7001] Start...[23:03:06][INFO] [-][CVE-2016-0638][192.168.56.129:7001] Not vulnerability.[23:03:06][INFO] [*][CVE-2016-3510][192.168.56.129:7001] Start...[23:03:08][INFO] [-][CVE-2016-3510][192.168.56.129:7001] Not vulnerability.[23:03:08][INFO] [*][CVE-2017-3248][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-3248][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2017-3506][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-3506][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2017-10271][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-10271][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2018-2628][192.168.56.129:7001] Start...[23:03:14][INFO] [+][CVE-2018-2628][192.168.56.129:7001] Exists vulnerability![23:03:14][INFO] [*][CVE-2018-2893][192.168.56.129:7001] Start...[23:03:18][INFO] [+][CVE-2018-2893][192.168.56.129:7001] Exists vulnerability![23:03:18][INFO] [*][CVE-2018-2894][192.168.56.129:7001] Start...[23:03:19][INFO] [+][CVE-2018-2894][192.168.56.129:7001] Found module![23:03:19][INFO] [*][CVE-2018-2894][192.168.56.129:7001] Please verify manually![23:03:19][INFO] [*][CVE-2018-3191][192.168.56.129:7001] Start...[23:03:23][INFO] [+][CVE-2018-3191][192.168.56.129:7001] Exists vulnerability![23:03:23][INFO] [*][CVE-2018-3245][192.168.56.129:7001] Start...[23:03:29][INFO] [-][CVE-2018-3245][192.168.56.129:7001] Not vulnerability.[23:03:29][INFO] [*][CVE-2018-3252][192.168.56.129:7001] Start...[23:03:36][INFO] [+][CVE-2018-3252][192.168.56.129:7001] Found module![23:03:36][INFO] [*][CVE-2018-3252][192.168.56.129:7001] Please verify manually![23:03:36][INFO] [*][CVE-2019-2618][192.168.56.129:7001] Start...[23:03:36][INFO] [+][CVE-2019-2618][192.168.56.129:7001] Found module![23:03:36][INFO] [*][CVE-2019-2618][192.168.56.129:7001] Please verify manually![23:03:36][INFO] [*][CVE-2019-2725][192.168.56.129:7001] Start...[23:03:46][INFO] [-][CVE-2019-2725][192.168.56.129:7001] Not vulnerability.[23:03:46][INFO] [*][CVE-2019-2729][192.168.56.129:7001] Start...[23:03:54][INFO] [-][CVE-2019-2729][192.168.56.129:7001] Not vulnerability.[23:03:54][INFO] [*][CVE-2019-2888][192.168.56.129:7001] Start...[23:03:56][INFO] [+][CVE-2019-2888][192.168.56.129:7001] Found module![23:03:56][INFO] [*][CVE-2019-2888][192.168.56.129:7001] Please verify manually![23:03:56][INFO] [*][CVE-2019-2890][192.168.56.129:7001] Start...[23:03:58][INFO] [-][CVE-2019-2890][192.168.56.129:7001] Not vulnerability.[23:03:58][INFO] [*][CVE-2020-2551][192.168.56.129:7001] Start...[23:03:58][INFO] [+][CVE-2020-2551][192.168.56.129:7001] Found module![23:03:58][INFO] [*][CVE-2020-2551][192.168.56.129:7001] Please verify manually![23:03:58][INFO] [*][CVE-2020-2555][192.168.56.129:7001] Start...[23:04:02][INFO] [+][CVE-2020-2555][192.168.56.129:7001] Exists vulnerability![23:04:02][INFO] [*][CVE-2020-2883][192.168.56.129:7001] Start...[23:04:06][INFO] [+][CVE-2020-2883][192.168.56.129:7001] Exists vulnerability![23:04:06][INFO] [*][CVE-2020-14882][192.168.56.129:7001] Start...[23:04:23][INFO] [-][CVE-2020-14882][192.168.56.129:7001] Not vulnerability.[23:04:23][INFO] [*][CVE-2020-14883][192.168.56.129:7001] Start...[23:04:23][INFO] [+][CVE-2020-14883][192.168.56.129:7001] Exists vulnerability!

私聊公众号发送“weblogic”获取下载链接。

“如侵权请私聊公众号删文”

欢迎关注系统安全运维

觉得不错点个“赞”、“在看”哦

文章来源: http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247512043&idx=3&sn=9a52e09c7e5ac9e9b388284ffb955e51&chksm=c3087c9bf47ff58dff0b72307fcb27d29b6515c558de33fe96d2f0c8eb94507c5aafed4ff22a#rd
如有侵权请联系:admin#unsafe.sh