upload about Weblogic

WeblogicScanLot/WeblogicScanLot.py

@@ -0,0 +1,137 @@
+#!/usr/bin/env python
+# _*_ coding:utf-8 _*_
+
+'''
+ ____       _     _     _ _   __  __           _
+|  _ \ __ _| |__ | |__ (_) |_|  \/  | __ _ ___| | __
+| |_) / _` | '_ \| '_ \| | __| |\/| |/ _` / __| |/ /
+|  _ < (_| | |_) | |_) | | |_| |  | | (_| \__ \   <
+|_| \_\__,_|_.__/|_.__/|_|\__|_|  |_|\__,_|___/_|\_\
+
+'''
+import logging
+import re
+from multiprocessing import Pool, Manager
+import poc.Console
+import poc.CVE_2014_4210
+import poc.CVE_2016_0638
+import poc.CVE_2016_3510
+import poc.CVE_2017_3248
+import poc.CVE_2017_3506
+import poc.CVE_2017_10271
+import poc.CVE_2018_2628
+import poc.CVE_2018_2893
+import poc.CVE_2018_2894
+import poc.CVE_2019_2725
+import poc.CVE_2019_2729
+
+logging.basicConfig(filename='Weblogic.log',
+                    format='%(asctime)s %(message)s',
+                    filemode="w", level=logging.INFO)
+
+version = "2.2"
+banner='''
+__        __   _     _             _        ____                  
+\ \      / /__| |__ | | ___   __ _(_) ___  / ___|  ___ __ _ _ __  
+ \ \ /\ / / _ \ '_ \| |/ _ \ / _` | |/ __| \___ \ / __/ _` | '_ \ 
+  \ V  V /  __/ |_) | | (_) | (_| | | (__   ___) | (_| (_| | | | |
+   \_/\_/ \___|_.__/|_|\___/ \__, |_|\___| |____/ \___\__,_|_| |_|
+                             |___/ 
+                             By Tide_RabbitMask | V {} 
+'''.format(version)
+
+def board():
+    print (banner)
+    print('Welcome To WeblogicScan !!!\nWhoami：rabbitmask.github.io\n')
+    #懒得做交互了，大家自行变更path
+    path='ipresult.txt'
+    poolmana(path)
+
+
+def poolmana(path):
+    p = Pool(10)
+    q = Manager().Queue()
+    fr = open(path, 'r')
+    rtar = fr.readlines()
+    fr.close()
+    for i in range(len(rtar)):
+        ruleip=re.compile('(.*?):')
+        rip =(ruleip.findall(rtar[i]))[0]
+        ruleport=re.compile(':(.*)')
+        rport=ruleport.findall(rtar[i])[0]
+        p.apply_async(work,args=(rip,rport,q,))
+    p.close()
+    p.join()
+    print('>>>>>End of task\n')
+
+
+def work(rip,rport,q):
+    print ('[*]任务加载成功，目标:{}:{}\n'.format(rip,rport))
+    try:
+        poc.Console.run(rip, rport)
+    except:
+        logging.info ("[-]{}:{} console address not found.".format(rip,rport))
+
+    try:
+        poc.CVE_2014_4210.run(rip,rport)
+    except:
+        logging.info ("[-]{}:{} not detected CVE_2014_4210.".format(rip,rport))
+
+    try:
+        poc.CVE_2016_0638.run(rip,rport,0)
+    except:
+        logging.info ("[-]{}:{} not detected CVE_2016_0638.".format(rip,rport))
+
+    try:
+        poc.CVE_2016_3510.run(rip, rport, 0)
+    except:
+        logging.info ("[-]{}:{} not detected CVE_2016_3510.".format(rip,rport))
+
+    try:
+        poc.CVE_2017_3248.run(rip, rport, 0)
+    except:
+        logging.info ("[-]{}:{} not detected CVE_2017_3248.".format(rip,rport))
+
+    try:
+        poc.CVE_2017_3506.run(rip, rport, 0)
+    except:
+        logging.info ("[-]{}:{} not detected CVE_2017_3506.".format(rip,rport))
+
+    try:
+        poc.CVE_2017_10271.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2017_10271.".format(rip,rport))
+
+    try:
+        poc.CVE_2018_2628.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2018_2628.".format(rip,rport))
+
+    try:
+        poc.CVE_2018_2893.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2018_2893.".format(rip,rport))
+
+    try:
+        poc.CVE_2018_2894.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2018_2894.".format(rip,rport))
+
+    try:
+        poc.CVE_2019_2725.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2019_2725.".format(rip,rport))
+
+    try:
+        poc.CVE_2019_2729.run(rip, rport, 0)
+    except:
+        logging.info("[-]{}:{} not detected CVE_2019_2729.".format(rip,rport))
+
+    print ('[*]任务检测完成，目标:{}:{}\n'.format(rip,rport))
+    q.put(rip)
+
+def run():
+    board()
+
+if __name__ == '__main__':
+    run()