weblogic 漏洞扫描工具
2022-11-16 08:11:50 Author: 系统安全运维(查看原文) 阅读量:38 收藏

目前可检测漏洞编号有(部分非原理检测,需手动验证):

  • weblogic administrator console

  • CVE-2014-4210

  • CVE-2016-0638

  • CVE-2016-3510

  • CVE-2017-3248

  • CVE-2017-3506

  • CVE-2017-10271

  • CVE-2018-2628

  • CVE-2018-2893

  • CVE-2018-2894

  • CVE-2018-3191

  • CVE-2018-3245

  • CVE-2018-3252

  • CVE-2019-2618

  • CVE-2019-2725

  • CVE-2019-2729

  • CVE-2019-2890

  • CVE-2020-2551

  • CVE-2020-14882

  • CVE-2020-14883

大佬可自己加最新poc。
使用环境:

  • python >= 3.6

进入项目目录,使用以下命令安装依赖库

$ pip3 install requests

使用说明:

usage: ws.py [-h] -t TARGETS [TARGETS ...] -v VULNERABILITY             [VULNERABILITY ...] [-o OUTPUT]
optional arguments: -h, --help 帮助信息 -t TARGETS [TARGETS ...], --targets TARGETS [TARGETS ...] 直接填入目标或文件列表(默认使用端口7001). 例子: 127.0.0.1:7001 -v VULNERABILITY [VULNERABILITY ...], --vulnerability VULNERABILITY [VULNERABILITY ...] 漏洞名称或CVE编号,例子:"weblogic administrator console" -o OUTPUT, --output OUTPUT 输出 json 结果的路径。默认不输出结果  -s--ssl             强制使用 https 协议请求

示例:

(venv) ~/weblogicScanner$ python ws.py -t 192.168.124.129[23:03:04][INFO] [*][Weblogic Console][192.168.56.129:7001] Start...[23:03:04][INFO] [+][Weblogic Console][192.168.56.129:7001] Found module![23:03:04][INFO] [*][Weblogic Console][192.168.56.129:7001] Please verify manually![23:03:04][INFO] [*][CVE-2014-4210][192.168.56.129:7001] Start...[23:03:04][INFO] [-][CVE-2014-4210][192.168.56.129:7001] Not found.[23:03:04][INFO] [*][CVE-2016-0638][192.168.56.129:7001] Start...[23:03:06][INFO] [-][CVE-2016-0638][192.168.56.129:7001] Not vulnerability.[23:03:06][INFO] [*][CVE-2016-3510][192.168.56.129:7001] Start...[23:03:08][INFO] [-][CVE-2016-3510][192.168.56.129:7001] Not vulnerability.[23:03:08][INFO] [*][CVE-2017-3248][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-3248][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2017-3506][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-3506][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2017-10271][192.168.56.129:7001] Start...[23:03:10][INFO] [-][CVE-2017-10271][192.168.56.129:7001] Not vulnerability.[23:03:10][INFO] [*][CVE-2018-2628][192.168.56.129:7001] Start...[23:03:14][INFO] [+][CVE-2018-2628][192.168.56.129:7001] Exists vulnerability![23:03:14][INFO] [*][CVE-2018-2893][192.168.56.129:7001] Start...[23:03:18][INFO] [+][CVE-2018-2893][192.168.56.129:7001] Exists vulnerability![23:03:18][INFO] [*][CVE-2018-2894][192.168.56.129:7001] Start...[23:03:19][INFO] [+][CVE-2018-2894][192.168.56.129:7001] Found module![23:03:19][INFO] [*][CVE-2018-2894][192.168.56.129:7001] Please verify manually![23:03:19][INFO] [*][CVE-2018-3191][192.168.56.129:7001] Start...[23:03:23][INFO] [+][CVE-2018-3191][192.168.56.129:7001] Exists vulnerability![23:03:23][INFO] [*][CVE-2018-3245][192.168.56.129:7001] Start...[23:03:29][INFO] [-][CVE-2018-3245][192.168.56.129:7001] Not vulnerability.[23:03:29][INFO] [*][CVE-2018-3252][192.168.56.129:7001] Start...[23:03:36][INFO] [+][CVE-2018-3252][192.168.56.129:7001] Found module![23:03:36][INFO] [*][CVE-2018-3252][192.168.56.129:7001] Please verify manually![23:03:36][INFO] [*][CVE-2019-2618][192.168.56.129:7001] Start...[23:03:36][INFO] [+][CVE-2019-2618][192.168.56.129:7001] Found module![23:03:36][INFO] [*][CVE-2019-2618][192.168.56.129:7001] Please verify manually![23:03:36][INFO] [*][CVE-2019-2725][192.168.56.129:7001] Start...[23:03:46][INFO] [-][CVE-2019-2725][192.168.56.129:7001] Not vulnerability.[23:03:46][INFO] [*][CVE-2019-2729][192.168.56.129:7001] Start...[23:03:54][INFO] [-][CVE-2019-2729][192.168.56.129:7001] Not vulnerability.[23:03:54][INFO] [*][CVE-2019-2888][192.168.56.129:7001] Start...[23:03:56][INFO] [+][CVE-2019-2888][192.168.56.129:7001] Found module![23:03:56][INFO] [*][CVE-2019-2888][192.168.56.129:7001] Please verify manually![23:03:56][INFO] [*][CVE-2019-2890][192.168.56.129:7001] Start...[23:03:58][INFO] [-][CVE-2019-2890][192.168.56.129:7001] Not vulnerability.[23:03:58][INFO] [*][CVE-2020-2551][192.168.56.129:7001] Start...[23:03:58][INFO] [+][CVE-2020-2551][192.168.56.129:7001] Found module![23:03:58][INFO] [*][CVE-2020-2551][192.168.56.129:7001] Please verify manually![23:03:58][INFO] [*][CVE-2020-2555][192.168.56.129:7001] Start...[23:04:02][INFO] [+][CVE-2020-2555][192.168.56.129:7001] Exists vulnerability![23:04:02][INFO] [*][CVE-2020-2883][192.168.56.129:7001] Start...[23:04:06][INFO] [+][CVE-2020-2883][192.168.56.129:7001] Exists vulnerability![23:04:06][INFO] [*][CVE-2020-14882][192.168.56.129:7001] Start...[23:04:23][INFO] [-][CVE-2020-14882][192.168.56.129:7001] Not vulnerability.[23:04:23][INFO] [*][CVE-2020-14883][192.168.56.129:7001] Start...[23:04:23][INFO] [+][CVE-2020-14883][192.168.56.129:7001] Exists vulnerability!

私聊公众号发送“weblogic”获取下载链接。


“如侵权请私聊公众号删文”

欢迎关注 系统安全运维 

觉得不错点个“赞”、“在看”哦


文章来源: http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247512043&idx=3&sn=9a52e09c7e5ac9e9b388284ffb955e51&chksm=c3087c9bf47ff58dff0b72307fcb27d29b6515c558de33fe96d2f0c8eb94507c5aafed4ff22a#rd
如有侵权请联系:admin#unsafe.sh