关联漏洞
标题:Apache ActiveMQ 代码问题漏洞 (CVE-2023-46604)描述:Apache ActiveMQ是美国阿帕奇(Apache)基金会的一套开源的消息中间件,它支持Java消息服务、集群、Spring Framework等。 Apache ActiveMQ 5.15.16之前、5.16.7之前、5.17.6之前或5.18.3之前版本存在代码问题漏洞,该漏洞源于允许具有代理网络访问权限的远程攻击者通过操纵 OpenWire 协议中的序列化类类型来运行任意 shell 命令。
描述
Detection, Exploit and Mitigation for CVE 2023 46604.
介绍
# CVE-2023-46604 – Apache ActiveMQ RCE (OpenWire Protocol)
This repository documents a lab environment used to understand and detect the CVE-2023-46604 vulnerability affecting Apache ActiveMQ.
The goal of this project:
- Understand how the exploit behaves at the protocol level
- Capture malicious OpenWire traffic
- Build detection rules using Suricata
- Document steps for educational and defensive security use
> ⚠️ **Important**: This repository is for educational and defensive security purposes.
> No exploit code is included here. Only lab setup, detection, and mitigation steps.
## Contents
- Lab network topology
- ActiveMQ installation notes
- Wireshark detection steps
- Suricata IDS rule and configuration
- Screenshots (redacted and safe to share)
- Analysis notes
文件快照
[4.0K] /data/pocs/00639f7e9e096890d353190808204aeae112b619
├── [4.0K] docs
│ └── [ 514] lab-steps.md
├── [4.0K] mitigation-suricata
│ └── [ 113] local.rules
└── [ 810] README.md
3 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。