Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Dec 4, 2017
Dec 23, 2017

README.md

CVE-2017-9805.py

  1. Better Exploit Code For CVE 2017 9805 apache struts
  2. Should be mostly error proof

Why Recode?

Found that most of the exploit code online simply used string concatenation to insert user supplied commands and insert into an XML string. This isnt very reliable as XML requires certain special characters use encoding. As such, it will trip an error cause those scripts dont account for this. Additionally, properly encoded xml may cause errors in getting proper command execution. This script solves those issues.

What's different?

  1. I added in proper argument parsing
  2. Regex checking of proper argument formatting.
  3. xml as an object instead of just a string
  4. Encoding of commands to prevent errors with special characters in user supplied payload.

About

Better Exploit Code For CVE 2017 9805 apache struts

Resources

License

Releases

No releases published

Packages

No packages published

Languages

You can’t perform that action at this time.