apache-struts2 CVE-2017-5638, CVE-2017-9791, CVE-2018-11776

Demo Application and Exploit

Sample Apache Struts2 App

Struts2-showcase: https://mvnrepository.com/artifact/org.apache.struts/struts2-showcase/2.3.12

Exploit Reference: rapid7/metasploit-framework#8064

Extending for CVE-2017-9791 (notes from hook);

resource; http://pentestit.com/apache-struts2-showcase-remote-code-execution-s2-048/

bit of confusion when I found the original exploit_S2-048.py in the source upon first commit, but still publishing this as it reintroduces windows' platform check in the payload.

thanks to piesecurity for providing the Dockerfile for setting up the lab

PoC now available for CVE-2018-11776;

/~https://github.com/hook-s3c/CVE-2018-11776-Python-PoC

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
exploitS2-045-Content-Dispo.py		exploitS2-045-Content-Dispo.py
exploitS2-045-cmd.py		exploitS2-045-cmd.py
exploitS2-045-header.py		exploitS2-045-header.py
exploitS2-048-cmd.py		exploitS2-048-cmd.py
exploit_S2-048.py		exploit_S2-048.py
struts2-showcase-2.3.12.war		struts2-showcase-2.3.12.war

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

apache-struts2 CVE-2017-5638, CVE-2017-9791, CVE-2018-11776

Extending for CVE-2017-9791 (notes from hook);

PoC now available for CVE-2018-11776;

About

Releases

Packages

Languages

hook-s3c/apache-struts2-PoC

Folders and files

Latest commit

History

Repository files navigation

apache-struts2 CVE-2017-5638, CVE-2017-9791, CVE-2018-11776

Extending for CVE-2017-9791 (notes from hook);

PoC now available for CVE-2018-11776;

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages