Update weblogic_weakpasswd.py

2019-10-22 19:39:10 +08:00
parent 2f3cf39ac1
commit 9e115312ea
1 changed files with 10 additions and 4 deletions
--- a/weblogic/weblogic_weakpasswd.py
+++ b/weblogic/weblogic_weakpasswd.py
@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 import requests

+
 '''
 Usage:
    moon.py -u  tomcat http://127.0.0.1:8080
@@ -11,6 +12,7 @@ def attack(URL):
    print('[+]开始检测-weblogic-weak_pawsswd漏洞。[+]')

    #设定用于爆破的账户密码
+    a = 0
    accounts = ['weblogic']
    passwds = ['Oracle@123','weblogic','password','weblogic1']
    for account in accounts:
@@ -25,12 +27,16 @@ def attack(URL):
                    pass
                elif 'Home Page - base_domain - WLS Console' in r.text:
                    print('登录页面'+url)
-                    print('[+]发现弱口令:'+account+' '+passwd)
+                    print('[+]发现弱口令:'+account+' '+passwd+'漏洞检测结束！')
+                    a = 1
                else:
-                    print('[-]')
+                    print('[-]爆破发生错误，请检查网页是否可访问！')
            except:
-                print('[-]访问weblogic登录页面出错.')
-    print('[+]检测结束-weblogic-weak_pawsswd漏洞。[+]')
+                print('[-]访问weblogic登录页面出错,漏洞检测结束！')
+    if a == 0:
+        print('[-]检测结束未发现weblogic-weak_pawsswd弱口令。[-]')
+    else:
+        pass
    print('\n')

 if __name__ == "__main__":