CVE-2021-31805 PoC — Apache Struts 2 安全漏洞

Source

Associated Vulnerability

Title:Apache Struts 2 安全漏洞 (CVE-2021-31805)
Description:Apache Struts 2是美国阿帕奇（Apache）基金会的一个用于开发Java EE网络应用程序的开放源代码网页应用程序架构。 Apache Struts 2.0.0版本至2.5.29版本存在安全漏洞，该漏洞源于对不受信任的用户输入在标签属性中使用强制 OGNL 评估。攻击者可利用该漏洞进行远程代码执行并导致安全性降低。

Description

远程代码执行S2-062 CVE-2021-31805验证POC

Readme

# s2-062
远程代码执行S2-062 CVE-2021-31805验证POC

验证方式
![image](https://user-images.githubusercontent.com/75877299/163505291-bb028a4f-19dd-4133-a82d-89c8032cecbc.png)
![image](https://user-images.githubusercontent.com/75877299/163513359-934f75f9-7022-4599-bcc7-d78fbb39f74a.png)


vulfocus靶场问题
poc里面是验证s2-061靶场的，参数为id，新靶场参数为name

判断是id主要是因为想不到windows和linux有什么好的通用命令回显判断特征

靶场应该是无回显的原因，所以看不到指令
不过可以反弹shell和dnslog探测
![b3f8c3552d8a7577358369546979eb4](https://user-images.githubusercontent.com/75877299/163654319-15c45139-121b-470f-acd4-3fde0631d539.png)

![63b34cd006f6daf25a6972f7f0ca4e1](https://user-images.githubusercontent.com/75877299/163654325-9b3df7c7-e528-4fe4-b0d1-0b6687ce9700.png)


针对无回显的
![image](https://user-images.githubusercontent.com/75877299/163706557-95fdbc8b-cc08-492d-9650-d8499c7c3111.png)
![image](https://user-images.githubusercontent.com/75877299/163706568-4bc8508a-3cf2-4dca-aebb-d198fd64e8af.png)

File Snapshot


 [4.0K]  /data/pocs/279d997441623ade310412b419450dab34661546
├── [4.0K]  Dnslog_s2_062.py
├── [1.1K]  README.md
└── [4.4K]  s2-062.py

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!