all things security
Showing 1 - 21 of 21 RSS Feed

Files

Struts2 2.3.15 OGNL Injection
Posted Aug 13, 2013
Authored by Takeshi Terada

Struts2 suffers from an OGNL injection vulnerability that allows for redirection. Versions 2.0.0 through 2.3.15 are affected.

tags | exploit
advisories | CVE-2013-2251
MD5 | b03794da7d18a78a84adf6edf75d8159

Related Files

Apache Struts Jakarta Multipart Parser OGNL Injection
Posted Mar 14, 2017
Authored by egypt, Nixawk, Nike.Zheng, Jeffrey Martin, Chorder | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Apache Struts version 2.3.5 - 2.3.31, and 2.5 - 2.5.10. Remote Code Execution can be performed via http Content-Type header. Native payloads will be converted to executables and dropped in the server's temp dir. If this fails, try a cmd/* payload, which won't have to write to the disk.

tags | exploit, remote, web, code execution
advisories | CVE-2017-5638
MD5 | 8637e8ffc6de9189c657a3e087a50331
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
Posted Jun 9, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3087
MD5 | a500c7d4893ccc30f624a84876393fb9
Apache Struts 2.3.28 Dynamic Method Invocation Remote Code Execution
Posted Apr 30, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3081
MD5 | bb77e1c207231c0a1ce3a4a82373b2c0
Apache Struts 2.3.20 Security Fixes
Posted Dec 8, 2014
Authored by Lukasz Lenart | Site struts.apache.org

Apache has released Struts version 2.3.20 which merges various security fixes and extends an existing security mechanism to block access to given Java packages and Classes.

tags | advisory, java
MD5 | 731c184c594e7079c4d5e8d8e95cd386
Struts 2.3.16.3 Manipulation Fix
Posted May 6, 2014
Authored by Lukasz Lenart | Site struts.apache.org

Struts version 2.3.16.3 has been released to extend excluded params to avoid manipulation via the CookieInterceptor.

tags | advisory
MD5 | ccf095b22ac3902cc651f5e7d3bd94f3
Struts 1 ClassLoader Manipulation Update
Posted May 3, 2014
Authored by Rene Gielen | Site struts.apache.org

Apache Struts 1, now EOL'ed a year ago, suffers from a ClassLoader manipulation vulnerability similar to recent findings. Alvaro Munoz and the HP Fortify team have helped the Struts team come up with a recommendation for mitigation.

tags | advisory
advisories | CVE-2014-0114
MD5 | 098fddae80e8cfb5eb78704c5ed8abfa
Apache Struts ClassLoader Manipulation Remote Code Execution
Posted May 2, 2014
Authored by Mark Thomas, Przemyslaw Celej | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.16.2. This issue is caused because the ParametersInterceptor allows access to 'class' parameter which is directly mapped to getClass() method and allows ClassLoader manipulation, which allows remote attackers to execute arbitrary Java code via crafted parameters.

tags | exploit, java, remote, arbitrary
advisories | CVE-2014-0094, CVE-2014-0112
MD5 | 319dec4b888717b00b12adae3a924a59
Struts 1 ClassLoader Manipulation
Posted Apr 29, 2014
Authored by Rene Gielen | Site struts.apache.org

Apache Struts 1, now EOL'ed a year ago, suffers from a ClassLoader manipulation vulnerability similar to recent findings.

tags | advisory
advisories | CVE-2014-0114
MD5 | 51bfefc7623fa8972b16f2416ca2ad29
Struts 2.3.16.2 GA Release
Posted Apr 27, 2014
Authored by Lukasz Lenart | Site struts.apache.org

Apache Struts version 2.3.16.2 GA has been released to address ClassLoader security vulnerabilities.

tags | advisory, vulnerability
MD5 | da8cbedb0dcbfb3f2dc1c4cd42b4671f
Struts 2.3.16.1 ClassLoader Manipulation
Posted Apr 24, 2014
Authored by Rene Gielen | Site struts.apache.org

In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately, the correction wasn't sufficient. A security fix release fully addressing this issue is in preparation and will be released as soon as possible.

tags | advisory
MD5 | b913ff2505a57eb069142012ddd52b0f
Apache Struts Developer Mode OGNL Execution
Posted Feb 1, 2014
Authored by juan vazquez, Johannes Dahse, Andreas Nusser, Alvaro | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts 2. The problem exists on applications running in developer mode, where the DebuggingInterceptor allows evaluation and execution of OGNL expressions, which allows remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully in Struts 2.3.16, Tomcat 7 and Ubuntu 10.04.

tags | exploit, java, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0394, OSVDB-78276
MD5 | 9f98d7b1dba849fa1ff7ada5c575a868
Struts 2.3.15.3 Cross Site Scripting
Posted Oct 28, 2013
Authored by Nebula

Struts version 2.3.15.3 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 917c62ebfe2f7ca24774d0e124dc3931
Struts2 2.3.15 Open Redirect
Posted Aug 13, 2013
Authored by Takeshi Terada

Struts2 suffers from an open redirection vulnerability. Versions 2.0.0 through 2.3.15 are affected.

tags | exploit
advisories | CVE-2013-2248
MD5 | 3193611b0134f1bd02d60b9390ec2eee
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Posted Jul 25, 2013
Authored by sinn3r, juan vazquez, Takeshi Terada | Site metasploit.com

The Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:", followed by a desired navigational target expression. This mechanism was intended to help with attaching navigational information to buttons within forms. In Struts 2 before 2.3.15.1 the information following "action:", "redirect:" or "redirectAction:" is not properly sanitized. Since said information will be evaluated as OGNL expression against the value stack, this introduces the possibility to inject server side code. This Metasploit module has been tested successfully on Struts 2.3.15 over Tomcat 7, with Windows 2003 SP2 and Ubuntu 10.04 operating systems.

tags | exploit
systems | linux, windows, ubuntu
advisories | CVE-2013-2251, OSVDB-95405
MD5 | f4dcb90843377c8138d0fd07f5f040c5
Apache Struts includeParams Remote Code Execution
Posted Jun 2, 2013
Authored by Douglas Rodrigues, Eric Kobrin | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions prior to 2.3.14.2. A specifically crafted request parameter can be used to inject arbitrary OGNL code into the stack bypassing Struts and OGNL library protections. When targeting an action which requires interaction through GET the payload should be split having into account the uri limits. In this case, if the rendered jsp has more than one point of injection, it could result in payload corruption. It should happen only when the payload is larger than the uri length.

tags | exploit, remote, arbitrary
advisories | CVE-2013-2115, CVE-2013-1966, OSVDB-93645
MD5 | 50777d021cffce8f107cdb0e44e30e82
Apache Struts ParametersInterceptor Remote Code Execution
Posted Mar 22, 2013
Authored by Meder Kydyraliev | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.1.2. This issue is caused because the ParametersInterceptor allows for the use of parentheses which in turn allows it to interpret parameter values as OGNL expressions during certain exception handling for mismatched data types of properties which allows remote attackers to execute arbitrary Java code via a crafted parameter.

tags | exploit, java, remote, arbitrary
advisories | CVE-2011-3923, OSVDB-78501
MD5 | 029499dd57638b7e9ea3532fd62dd326
Apache Struts2 Remote Code Execution
Posted Aug 22, 2012
Authored by kxlzx

This is some demonstration code that explains methods of remote code execution in Apache Struts2.

tags | exploit, remote, code execution
MD5 | b1bde4daeb1aff75e30086206c91e977
Apache Struts 2.2.1.1 Remote Command Execution
Posted Jun 5, 2012
Authored by sinn3r, juan vazquez, Johannes Dahse, Andreas Nusser | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions less than or equal to 2.2.1.1. This issue is caused because the ExceptionDelegator interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.

tags | exploit, java, remote, arbitrary
advisories | CVE-2012-0391, OSVDB-78277
MD5 | 134ffd2e4650e077bb17ff4557a4ba63
Apache Struts2 Local Code Execution
Posted Mar 23, 2012
Authored by voidloafer

Apache Struts2 suffers from a xsltResult local code execution vulnerability.

tags | exploit, local, code execution
MD5 | 98856f585d38b1a71d4d94d9be37fb18
Apache Struts < 2.2.0 Remote Command Execution
Posted Aug 19, 2011
Authored by Meder Kydyraliev, bannedit | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.2.0. This issue is caused by a failure to properly handle unicode characters in OGNL extensive expressions passed to the web server. By sending a specially crafted request to the Struts application it is possible to bypass the "#" restriction on ParameterInterceptors by using OGNL context variables. Bypassing this restriction allows for the execution of arbitrary Java code.

tags | exploit, java, remote, web, arbitrary
advisories | CVE-2010-1870, OSVDB-66280
MD5 | bde580196763354b6003c3f35f903357
Struts2/XWork Remote Command Execution
Posted Jul 14, 2010
Authored by Meder Kydyraliev

Struts2/XWork suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2010-1870
MD5 | 7b3e0de9c487574165854c0ba0e90d8e
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    23 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close