来源

关联漏洞

描述

Apache Struts2 CVE-2017-5638 (Safe Educational Demo)

介绍

# PoC: Apache Struts2 CVE-2017-5638 (Safe Educational Demo)

## 📌 Overview
This project is a **Proof-of-Concept (PoC)** for **CVE-2017-5638**, a famous Apache Struts2 vulnerability that allowed attackers to execute arbitrary code on affected servers.  
⚠️ This repository contains a **safe, non-exploitative demo** designed for **educational purposes only**. It does not perform any malicious actions.

---

## 🔎 About the Vulnerability
- **CVE ID**: [CVE-2017-5638](https://nvd.nist.gov/vuln/detail/CVE-2017-5638)  
- **Type**: Remote Code Execution (RCE)  
- **Component**: Apache Struts2 (Jakarta Multipart Parser)  
- **Root Cause**: User input in the `Content-Type` header was improperly passed to **OGNL** (Object-Graph Navigation Language), allowing attackers to inject and execute code on the server.  
 
---

## 🛠️ How This PoC Works
This script demonstrates how an attacker might *test* for the vulnerability — but in a **harmless way**.  

- It sends a specially crafted `Content-Type` header containing an OGNL expression.  
- Instead of executing dangerous commands, the payload simply attempts to add a custom header (`X-Vuln: Vulnerable`) to the server’s response.  
- If the header appears, it means the server is processing OGNL input and is **likely vulnerable**.  

This makes it a safe demonstration of the vulnerability without actually exploiting it.  

---

## ▶️ Usage
```bash
# Install required package
pip install requests

# Run the script
python3 struts2_poc.py

# Enter a target URL when prompted (example)
http://example.com/

文件快照

 [4.0K]  /data/pocs/cf70a41435b9a2c61a137d43696d79b61783514c
├── [ 808]  PoC-CVE-2017-5638.py
└── [1.5K]  README.md

0 directories, 2 files

备注