Skip to content
Weblogic vulnerability one-click poc detection.
Branch: master
Clone or download
Latest commit 534a246 May 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
poc Update CVE_2018_2894.py May 14, 2019
whl Add files via upload May 20, 2019
README.md Update README.md May 20, 2019
Weblogic.log Update Weblogic.log May 14, 2019
WeblogicScan.jpg Add files via upload May 15, 2019
WeblogicScan.py Update WeblogicScan.py May 20, 2019
install.py Add files via upload May 20, 2019

README.md

WeblogicScan

Weblogic vulnerability one-click poc detection.

Software Author: Tide_RabbitMask.
Thanks to the open source POC from the web.
I have only carried out the magic transformation and interface unification.  
Disclaimer:Pia!(o ‵-′)ノ”(ノ﹏<。)
This tool is for safety testing only,and should not be used for illegal use.
    
V 1.2 Features:
Provides a one-click poc detection that includes almost all weblogic history vulnerabilities.
Details are as follows:

    #Console path leak
    Console  
    
    #SSRF:
    CVE-2014-4210      
    
    #JAVA deserialization
    CVE-2016-0638  
    CVE-2016-3510   
    CVE-2017-3248   
    CVE-2018-2628 
    CVE-2018-2893
    CVE-2019-2725		
    
    #Any file upload
    CVE-2018-2894   
    
    #XMLDecoder deserialization
    CVE-2017-10271 
    CVE-2017-3506

V 1.1 Update log:
    Cut exp:all
    Cut poc:CVE-2015-4852
    New poc:CVE-2017-10271,CVE-2019-2725,CVE-2018-2894
    New Logging Function
    New Console
    New Name and Banner

V 1.2 Update log:	
    New Package Off-line Installation:
    	New Folder:/whl/
    	Installation using install.py

Software using Demo:

__        __   _     _             _        ____
\ \      / /__| |__ | | ___   __ _(_) ___  / ___|  ___ __ _ _ __
 \ \ /\ / / _ \ '_ \| |/ _ \ / _` | |/ __| \___ \ / __/ _` | '_ \
  \ V  V /  __/ |_) | | (_) | (_| | | (__   ___) | (_| (_| | | | |
   \_/\_/ \___|_.__/|_|\___/ \__, |_|\___| |____/ \___\__,_|_| |_|
			     |___/
					By Tide_RabbitMask | V 1.2

Welcome To WeblogicScan !!
[*]Console path test begins...
[+]The target Weblogic console address is exposed!
[+]The path is: http://127.0.0.1:7001/console/login/LoginForm.jsp
[+]Please try weak password blasting!
[*]CVE_2014_4210 test begins...
[+]The target Weblogic UDDI module is exposed!
[+]The path is: http://127.0.0.1:7001/uddiexplorer/
[+]Please verify the SSRF vulnerability!
[*]CVE_2016_0638 test begins...
[+]The target weblogic has a JAVA deserialization vulnerability:CVE-2016-0638
[*]CVE_2016_3510 test begins...
[-]Target weblogic not detected CVE-2016-3510
[*]CVE_2017_3248 test begins...
[-]Target weblogic not detected CVE-2017-3248
[*]CVE_2017_3506 test begins...
[-]Target weblogic not detected CVE-2017-3506
[*]CVE_2017_10271 test begins...
[-]Target weblogic not detected CVE-2017-10271
[*]CVE_2018_2628 test begins...
[+]The target weblogic has a JAVA deserialization vulnerability:CVE-2018-2628
[*]CVE_2018_2893 test begins...
[+]The target weblogic has a JAVA deserialization vulnerability:CVE-2018-2893
[*]CVE_2018_2894 test begins...
[-]Target weblogic not detected CVE-2018-2894
[*]CVE_2019_2725 test begins...
[-]Target weblogic not detected CVE-2019-2725
[*]The mission is over,the goal is 127.0.0.1:7001
You can’t perform that action at this time.