weblogicScanner: weblogic Vulnerability Scanning Tool
weblogicScaner
weblogic Vulnerability Scanning Tool. If there is an unrecorded and open POC vulnerability, please submit the issue.
Some bug fixes were made, some POC did not take effect or configuration errors. I checked before and found that some POC could not be used. In this project, some modifications have been made to the script to improve accuracy.
Note:Some vulnerabilities require multiple tests to verify due to stability reasons.
Currently, detectable vulnerabilities are (some non-principles detection, manual verification required):
- weblogic administrator console
- CVE-2014-4210
- CVE-2016-0638
- CVE-2016-3510
- CVE-2017-3248
- CVE-2017-3506
- CVE-2017-10271
- CVE-2018-2628
- CVE-2018-2893
- CVE-2018-2894
- CVE-2018-3191
- CVE-2018-3245
- CVE-2018-3252
- CVE-2019-2618
- CVE-2019-2725
- CVE-2019-2729
- CVE-2019-2890
- CVE-2020-2551
Download
git clone https://github.com/0xn0ne/weblogicScanner.git
Use
Source: https://github.com/0xn0ne/
