Mirrors_BOOKS/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2026-05-09 22:37:49 +08:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

add Weblogic-scan-Weblogic 漏洞批量扫描工具

Browse Source
This commit is contained in:
Mrxn
2020-07-17 19:55:26 +08:00
parent 5743061f92
commit b0f2280e98
3 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tools/Weblogic-scan/WeblogicVuln.jar
BIN
View File
Binary file not shown.
tools/Weblogic-scan/readme.md
+26
View File
@@ -0,0 +1,26 @@
V2.0
增加批量检测漏洞功能
去除登陆密码框
V1.0
weblogic administrator 控制台路径泄漏漏洞
弱口令
WebLogic, weblogic, Oracle@123, password, system, Administrator, admin
CVE-2014-4210 Weblogic SSRF漏洞:
影响版本 : 10.0.210.3.6
http://127.0.0.1:7001/uddiexplorer/SearchPublicRegistries.jsp
CVE-2017-3506&CVE-2017-10271 XMLDecoder 反序列化漏洞:
影响版本 : 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0
CVE-2018-2894 任意文件上传
影响版本:10.3.6.012.1.3.012.2.1.212.2.1.3
CVE-2019-2725 wls9-async反序列化漏洞
影响版本:10.3.6.0, 12.1.3.0
项目GitHub主页:https://github.com/tangxiaofeng7/Weblogic-scan/