1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exploit Apache Strust 2 RCE [ Hack a Website ] [ Tutorial ]

Discussion in 'Ethical hacking' started by sabrex, May 31, 2017.

  1. sabrex

    sabrex New Member

    Joined:
    May 27, 2017
    Messages:
    5
    Likes Received:
    1
    Trophy Points:
    3
    Gender:
    Male
    Okay so i just woke up and have seen that there is a new 0 day exploit. This exploit affects apache struts 2. Using burp or the python code below we can specially craft the contents of the http header. The attack works because the specially crafted requests throws an error. This error relates the “Content type” part of the header.

    So what?

    This vulnerability will allow a malicious attacker to send a request that can perform remote code execution. Therefore an attacker can download some script such as a backdoor and run the backdoor on the server making this a deadly attack.

    Tutorial:
     

Share This Page