CVE-2017-5638 PoC — Apache Struts 2 输入验证错误漏洞

Source

https://github.com/0x00-0x00/CVE-2017-5638

Associated Vulnerability

Title:Apache Struts 2 输入验证错误漏洞 (CVE-2017-5638)
Description:The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Description

Struts02 s2-045 exploit program

Readme

# CVE-2017-5638 | Struts s2-045

## Description
It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn't valid an exception is thrown which is then used to display an error message to a user.

## Affected versions
* Struts 2.3.5
* Struts 2.3.31
* Struts 2.5
* Struts 2.5.10

## Exploitation

## Remediation
To remediate this issue, update the affected software to apply the security patch.

Struts 2.3.32 or 2.5.10.1 are versions that are patched against this particular issue.

## Author
This exploit program was written by zc00l (ANDRE LUIS .. MARQUES); 

In case of modification or use, the credits must not be stripped from the work.

## Resource
https://cwiki.apache.org/confluence/display/WW/S2-045

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!