forked from Mr-xn/Penetration_Testing_POC
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathWeblogicScanLot.py
137 lines (114 loc) · 3.96 KB
/
WeblogicScanLot.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#!/usr/bin/env python
# _*_ coding:utf-8 _*_
'''
____ _ _ _ _ __ __ _
| _ \ __ _| |__ | |__ (_) |_| \/ | __ _ ___| | __
| |_) / _` | '_ \| '_ \| | __| |\/| |/ _` / __| |/ /
| _ < (_| | |_) | |_) | | |_| | | | (_| \__ \ <
|_| \_\__,_|_.__/|_.__/|_|\__|_| |_|\__,_|___/_|\_\
'''
import logging
import re
from multiprocessing import Pool, Manager
import poc.Console
import poc.CVE_2014_4210
import poc.CVE_2016_0638
import poc.CVE_2016_3510
import poc.CVE_2017_3248
import poc.CVE_2017_3506
import poc.CVE_2017_10271
import poc.CVE_2018_2628
import poc.CVE_2018_2893
import poc.CVE_2018_2894
import poc.CVE_2019_2725
import poc.CVE_2019_2729
logging.basicConfig(filename='Weblogic.log',
format='%(asctime)s %(message)s',
filemode="w", level=logging.INFO)
version = "2.2"
banner='''
__ __ _ _ _ ____
\ \ / /__| |__ | | ___ __ _(_) ___ / ___| ___ __ _ _ __
\ \ /\ / / _ \ '_ \| |/ _ \ / _` | |/ __| \___ \ / __/ _` | '_ \
\ V V / __/ |_) | | (_) | (_| | | (__ ___) | (_| (_| | | | |
\_/\_/ \___|_.__/|_|\___/ \__, |_|\___| |____/ \___\__,_|_| |_|
|___/
By Tide_RabbitMask | V {}
'''.format(version)
def board():
print (banner)
print('Welcome To WeblogicScan !!!\nWhoami:rabbitmask.github.io\n')
#懒得做交互了,大家自行变更path
path='ipresult.txt'
poolmana(path)
def poolmana(path):
p = Pool(10)
q = Manager().Queue()
fr = open(path, 'r')
rtar = fr.readlines()
fr.close()
for i in range(len(rtar)):
ruleip=re.compile('(.*?):')
rip =(ruleip.findall(rtar[i]))[0]
ruleport=re.compile(':(.*)')
rport=ruleport.findall(rtar[i])[0]
p.apply_async(work,args=(rip,rport,q,))
p.close()
p.join()
print('>>>>>End of task\n')
def work(rip,rport,q):
print ('[*]任务加载成功,目标:{}:{}\n'.format(rip,rport))
try:
poc.Console.run(rip, rport)
except:
logging.info ("[-]{}:{} console address not found.".format(rip,rport))
try:
poc.CVE_2014_4210.run(rip,rport)
except:
logging.info ("[-]{}:{} not detected CVE_2014_4210.".format(rip,rport))
try:
poc.CVE_2016_0638.run(rip,rport,0)
except:
logging.info ("[-]{}:{} not detected CVE_2016_0638.".format(rip,rport))
try:
poc.CVE_2016_3510.run(rip, rport, 0)
except:
logging.info ("[-]{}:{} not detected CVE_2016_3510.".format(rip,rport))
try:
poc.CVE_2017_3248.run(rip, rport, 0)
except:
logging.info ("[-]{}:{} not detected CVE_2017_3248.".format(rip,rport))
try:
poc.CVE_2017_3506.run(rip, rport, 0)
except:
logging.info ("[-]{}:{} not detected CVE_2017_3506.".format(rip,rport))
try:
poc.CVE_2017_10271.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2017_10271.".format(rip,rport))
try:
poc.CVE_2018_2628.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2018_2628.".format(rip,rport))
try:
poc.CVE_2018_2893.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2018_2893.".format(rip,rport))
try:
poc.CVE_2018_2894.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2018_2894.".format(rip,rport))
try:
poc.CVE_2019_2725.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2019_2725.".format(rip,rport))
try:
poc.CVE_2019_2729.run(rip, rport, 0)
except:
logging.info("[-]{}:{} not detected CVE_2019_2729.".format(rip,rport))
print ('[*]任务检测完成,目标:{}:{}\n'.format(rip,rport))
q.put(rip)
def run():
board()
if __name__ == '__main__':
run()