下面列出了javax.naming.CommunicationException#getCause ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private static void parseCommunicationException(CommunicationException ce,String protocol,String host,int port,boolean verbose) {
Throwable cause = ce.getCause();
if(cause!=null) {
String eType = cause.getClass().getName();
switch(eType) {
case "weblogic.rjvm.PeerGoneException": //Server forcefully closed connection, so server is likely patched
System.err.println("Target WebLogic Server at "+protocol+"://"+host+":"+port+" forcefully closed "+protocol.toUpperCase()+" connection! Server seems to be patched!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
break;
case "java.net.ConnectException":
System.out.print("\b\b\b\bfailed!\n");
String message = cause.getMessage();
if(message!=null) {
if(message.contains("java.io.IOException: Empty server reply")) { //Server may not be WebLogic server
System.err.println("Target Server/Port at "+host+":"+port+" does not appear to be running "+protocol.toUpperCase()+"! Target may not be a WebLogic Server!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("java.net.ConnectException: Connection refused")) { //host is down or port is closed
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" refused! Target host appears to be down or port is closed!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("javax.net.ssl.SSLHandshakeException")) {
if(message.contains("handshake_failure")) { //SSL Handshake failed due to mismatched supported protocols
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed (Handshake Error)! Try a different SSL/TLS connection protocol!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("Remote host closed connection during handshake")) { //SSL Handshake failed due to server not supporting encrypted connections
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed, Remote host closed connection during handshake! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //SSL Handshake failed because server may only support clear-text connection
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
} else if(message.contains("javax.net.ssl.SSLException: Unsupported record version")) { //T3S connection failed due to mismatched supported protocols
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed! Try a different SSL/TLS connection protocol!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?")) { //T3S connection failed due to server not supporting encrypted connections
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed, Remote host closed connection during handshake! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("java.net.SocketException: Connection reset") && protocol.toUpperCase().equals("T3")) { //clear-text connection failed because server only supports encrypted connection
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Service may be running with SSL/TLS (use --t3s option)!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //Unknown Connection Error
System.err.println("Unknown Connection Error occurred: connection failed"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
}
break;
case "weblogic.socket.UnrecoverableConnectException":
System.out.print("\b\b\b\bfailed!\n");
message = cause.getMessage();
if(message.contains("Login failed for an unknown reason") && protocol.toUpperCase().equals("T3")) { //clear-text connection failed because server only supports encrypted connection
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Service may be running with SSL/TLS (use --t3s option)!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("Login failed for an unknown reason") && protocol.toUpperCase().equals("T3S")) { //encrypted connection failed because server only supports clear-text connection
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Target may not be a WebLogic Server!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //Unknown Unrecoverable Connection Error
System.err.println("Unknown Unrecoverable Connection Error occurred!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
break;
default: //Unknown Connection Error
System.out.print("\b\b\b\b???\n");
System.err.println("Unknown Connection Error occurred ("+eType+")!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
break;
}
} else { //Unknown Communication Error
System.out.print("\b\b\b\b???\n");
System.err.println("Unknown Communication Error occurred!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
if(verbose) { //print full stack trace output if --verbose option is set
System.err.print("\n");
ce.printStackTrace();
}
}
private static void parseCommunicationException(CommunicationException ce,String protocol,String host,int port,boolean verbose) {
Throwable cause = ce.getCause();
if(cause!=null) {
String eType = cause.getClass().getName();
switch(eType) {
case "java.net.ConnectException":
String message = cause.getMessage();
if(message!=null) {
if(message.contains("Bootstrap") && message.contains("failed") && message.contains("remote side declared peer gone on this JVM")) { //exploit may have succeeded
System.out.print("\b\b\b\b???\n");
System.err.println("\"peer gone\" error occurred, but this can be normal for \"CustomClass\" exploit method. Exploitation may be successful!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("java.io.IOException: Empty server reply")) { //Server may not be WebLogic server
System.out.print("\b\b\b\bfailed!\n");
System.err.println("Target Server/Port at "+host+":"+port+" does not appear to be running "+protocol.toUpperCase()+"! Target may not be a WebLogic Server!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("java.net.ConnectException: Connection refused")) { //host is down or port is closed
System.out.print("\b\b\b\bfailed!\n");
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" refused! Target host appears to be down or port is closed!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("javax.net.ssl.SSLHandshakeException")) {
System.out.print("\b\b\b\bfailed!\n");
if(message.contains("handshake_failure")) { //SSL Handshake failed due to mismatched supported protocols
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed (Handshake Error)! Try a different SSL/TLS connection protocol!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("Remote host closed connection during handshake")) { //SSL Handshake failed due to server not supporting encrypted connections
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed, Remote host closed connection during handshake! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //SSL Handshake failed because server may only support clear-text connection
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
} else if(message.contains("javax.net.ssl.SSLException: Unsupported record version")) { //T3S connection failed due to mismatched supported protocols
System.out.print("\b\b\b\bfailed!\n");
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed! Try a different SSL/TLS connection protocol!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?")) { //T3S connection failed due to server not supporting encrypted connections
System.out.print("\b\b\b\bfailed!\n");
System.err.println(protocol.toUpperCase()+" Connection to "+host+":"+Integer.toString(port)+" failed, Remote host closed connection during handshake! Target host/port may not be running an SSL/TLS service!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("java.net.SocketException: Connection reset") && protocol.toUpperCase().equals("T3")) { //clear-text connection failed because server only supports encrypted connection
System.out.print("\b\b\b\bfailed!\n");
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Service may be running with SSL/TLS (use --t3s option)!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //Unknown Connection Error
System.err.println("Unknown Connection Error occurred: connection failed"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
}
break;
case "weblogic.socket.UnrecoverableConnectException":
System.out.print("\b\b\b\bfailed!\n");
message = cause.getMessage();
if(message.contains("Login failed for an unknown reason") && protocol.toUpperCase().equals("T3")) { //clear-text connection failed because server only supports encrypted connection
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Service may be running with SSL/TLS (use --t3s option)!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else if(message.contains("Login failed for an unknown reason") && protocol.toUpperCase().equals("T3S")) { //encrypted connection failed because server only supports clear-text connection
System.err.println("Target Server/Port at "+host+":"+port+" forcefully reset "+protocol.toUpperCase()+" connection! Target may not be a WebLogic Server!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
} else { //Unknown Unrecoverable Connection Error
System.err.println("Unknown Unrecoverable Connection Error occurred!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
break;
default: //Unknown Connection Error
System.out.print("\b\b\b\b???\n");
System.err.println("Unknown Connection Error occurred ("+eType+")!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
break;
}
} else { //Unknown Communication Error
System.out.print("\b\b\b\b???\n");
System.err.println("Unknown Communication Error occurred!"+(verbose ? "" : "\nRe-run with --verbose option to see full error output!"));
}
if(verbose) { //print full stack trace output if --verbose option is set
System.err.print("\n");
ce.printStackTrace();
}
}