Skip to content

Latest commit

 

History

History
58 lines (47 loc) · 2.43 KB

README.md

File metadata and controls

58 lines (47 loc) · 2.43 KB

CVE-2024-50379-Exploit

This repository provides a Python script for exploiting CVE-2024-50379, a vulnerability that enables attackers to upload a JSP shell to a compromised server, granting them the ability to run arbitrary commands remotely. This exploit is particularly effective if the /uploads directory is missing or lacks proper security on the target server.

Summary

The CVE-2024-50379 vulnerability affects web servers that mishandle file uploads, allowing malicious users to upload JSP shells that can execute commands remotely. The included Python script automates this exploit by uploading a shell to the vulnerable server and facilitating remote command execution through a terminal interface.

Requirements

Before running the script, make sure you have the following:

  • Python 3.6+ (Recommended)
  • requests library. You can install it via pip:
pip install requests

Target Systems

This exploit works against servers such as Apache Tomcat or similar, where the file upload functionality is insecure or the /uploads directory is misconfigured.

Warning: This tool should only be used in environments where you have explicit permission, such as during authorized penetration testing or for educational purposes. Unauthorized use is illegal and unethical.

Instructions

Step 1: Clone the repository

Clone the repository to your local machine:

git clone https://github.com/pwnosec/CVE-2024-50379.git
cd CVE-2024-50379

Install the necessary Python libraries:

pip install requests

Execute the script with:

python exploit.py

Input the base URL

When prompted, enter the base URL of the vulnerable server (e.g., http://localhost:8080). If you omit http:// or https://, it will automatically prepend http:// to the URL.

Upload the shell and run commands

Once the JSP shell is uploaded successfully, you can input commands to execute remotely. The tool will display the output.

[+] Enter the base URL (e.g., localhost:8080): http://127.0.0.1:8080
[+] Verifying server availability...
[+] /uploads directory not found (404), continuing upload attempt...
[+] Attempt 1/3 to upload the shell...
[+] Shell uploaded successfully! You can access it at: http://127.0.0.1:8080/uploads/shell.jsp
[+] Enter a command to run on the server (or 'exit' to quit): whoami
[+] Running command: whoami
[+] Command output:
root

Type exit to terminate the tool after your session is complete.