Skip to content
This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer
Branch: master
Clone or download
Latest commit c3b697d Jan 21, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.

Other language git - pt-BR

Check if your instances are expose the CVE 2018-11759

The archive main are a script in bash for exploiting.

The urls shall use the protocol and complete addres, example:


For more urls in one consult, can be used the here-document, example:

# Call the bash, no request permission for exec
bash main << EOF
# ...

If no want use the here-document, he can be open with bash main


To facilitate the audit report a file is created in files_cap/ with name of that have all details of target load balancer, with internal address, ports, timestemp, distros, routes, etc.


This exploit is free, GNU GPL version 3

This project created by @jul10l1r4 are part of Segmentation fault

Segmentation fault

You can’t perform that action at this time.