Tomcat CVE-2017-12617 Exploit/PoC

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution for Python3

I just made a few adjustments to the original script to be compatible with Python 3!

If there's any problems or issues faced, feel free to shoot me an email satanclause666999@gmail.com or you can shoot me too if you want.

Don't judge my email, it's used for as a throwaway

How to Use

./cve-2017-12617.py [options]

options:

-u ,--url [::] check target url if it's vulnerable

-p,--pwn [::] generate webshell and upload it

-l,--list [::] hosts list

[+]usage:

./cve-2017-12617.py -u http://127.0.0.1

./cve-2017-12617.py --url http://127.0.0.1

./cve-2017-12617.py -u http://127.0.0.1 -p pwn

./cve-2017-12617.py --url http://127.0.0.1 -pwn pwn

./cve-2017-12617.py -l hotsts.txt

./cve-2017-12617.py --list hosts.txt

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
README.md		README.md
tomcat-jsp.py		tomcat-jsp.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

tomcat-jsp.py

tomcat-jsp.py

Repository files navigation

Tomcat CVE-2017-12617 Exploit/PoC

How to Use

About

Releases

Packages

Languages

tyranteye666/tomcat-cve-2017-12617

Folders and files

Latest commit

History

README.md

README.md

tomcat-jsp.py

tomcat-jsp.py

Repository files navigation

Tomcat CVE-2017-12617 Exploit/PoC

How to Use

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages