Skip to content

belialboy/apache-struts2-CVE-2017-5638

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

.gitignore

.gitignore

 
 

README.md

README.md

 
 

exploit.py

exploit.py

 
 

exploit2.py

exploit2.py

 
 

exploit3.py

exploit3.py

 
 

exploit4.py

exploit4.py

 
 

struts2-showcase-2.3.12.war

struts2-showcase-2.3.12.war

 
 

Repository files navigation

apache-struts2-CVE-2017-5638

Demo Application and Exploit

To build a compromised host in AWS use the following in Userdata, with port 8080 open:

#!/bin/bash

sudo yum -y update

sudo yum -y install git tomcat7

cd /home/ec2-user/

sudo git clone https://github.com/belialboy/apache-struts2-CVE-2017-5638.git

sudo cp apache-struts2-CVE-2017-5638/struts2-showcase-2.3.12.war /var/lib/tomcat7/webapps

sudo service tomcat7 restart

Sample Apache Struts2 App

Struts2-showcase: https://mvnrepository.com/artifact/org.apache.struts/struts2-showcase/2.3.12

Exploit Reference: rapid7/metasploit-framework#8064

About

Demo Application and Exploit

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%