Giters

xsscx / cve-2017-5638

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

cve-2017-5638apachestruts2exploitpocpythoncodecontent-type

CVE-2017-5638 PoC Code in Python | DORK: ext:action

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit | DORK: ext:action

USAGE: python struts.py https://victim.site dir

The initial Python Script that was Posted didn't correctly format the Content-Type Header. I recoded the Content Type Header to properly format Content-Type:%20{Exploit}. I also added a logging and Requests, then dumped the Object Properties to stdout.

SAMPLE OUTPUT

Check for CVE-2017-5638 by XSS.Cx

Volume in drive D has no label. Volume Serial Number is 2A7B-A245 Directory of d:\Program Files\Apache Software Foundation\Tomcat 9.0

About

Example PoC Code for CVE-2017-5638 | Apache Struts Exploit

cve-2017-5638apachestruts2exploitpocpythoncodecontent-type

Languages

Language:Python 100.0%