Struts2 远程代码执行漏洞利用工具 bulid 20130720
http://qqhack8.blog.163.com K8拉登哥哥'S BLOG
[+] S2-016 CVE-2013-225 支持GetShell/获取物理路径/执行CMD命令
[+] S2-013 CVE-2013-1966 支持GetShell/获取物理路径/执行CMD命令
[+] S2-009 CVE-2011-3923 支持GetShell/获取物理路径/执行CMD命令
[+] S2-005 CVE-2010-1870 支持GetShell/获取详细信息/执行CMD命令
工具仅供安全检测或网络攻防研究,非法用途后果自负.
K8搞基大队[K8team] 欢迎菜鸟加入学习,高手前来指教
CVE-2013-2251 影响版本:Struts 2.0.0 – Struts 2.3.15 官方地址:http://struts.apache.org/release/2.3.x/docs/s2-016.html
CVE-2013-1966 影响版本:Struts 2.0.0 – Struts 2.3.14 官方地址:http://struts.apache.org/release/2.3.x/docs/s2-016.html
CVE-2011-3923 影响版本:Struts 2.0.0 - Struts 2.3.1.1 官方地址:http://struts.apache.org/release/2.3.x/docs/s2-009.html
CVE-2010-1870 影响版本:Struts 2.0.0 – Struts 2.1.8.1 官方地址:http://struts.apache.org/release/2.2.x/docs/s2-005.html
Target: http://t.30edu.com/Login.do?UnitID=&ReturnUrl=http://oa.30edu.com/Default.do
Whoami: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gbk2312" />
<title>��վ����ǽ</title>
</head>
<style>
p {
line-height:20px;
}
ul{ list-style-type:none;}
li{ list-style-type:none;}
</style>
<body style=" padding:0; margin:0; font:14px/1.5 Microsoft Yahei, ����,sans-serif; color:#555;">
<div style="margin: 0 auto; width:1000px; padding-top:70px; overflow:hidden;">
<div style="width:300px; float:left; height:200px; background:url(http://404.safedog.cn/images/safedogsite/broswer_logo.jpg) no-repeat 100px 60px;"></div>
<div style="width:600px; float:left;">
<div style=" height:40px; line-height:40px; color:#fff; font-size:16px; overflow:hidden; background:#6bb3f6; padding-left:20px;">��վ����ǽ </div>
<div style="border:1px dashed #cdcece; border-top:none; font-size:14px; background:#fff; color:#555; line-height:24px; height:220px; padding:20px 20px 0 20px; overflow-y:auto;background:#f3f7f9;">
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><span style=" font-weight:600; color:#fc4f03;">����������в��Ϸ��������ѱ���վ����Ա�������أ�</span></p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">����ԭ�����ύ�����ݰ���Σ�յĹ�������</p>
<p style=" margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:1; text-indent:0px;">�����</p>
<ul style="margin-top: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; -qt-list-indent: 1;"><li style=" margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">1������ύ���ݣ�</li>
<li style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">2������վ�йܣ�����ϵ�ռ��ṩ�̣�</li>
<li style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">3����ͨ��վ�ÿͣ�����ϵ��վ����Ա��</li></ul>
</div>
</div>
</div>
<div style="width:900px; margin:0 auto; text-align:right; padding-right:100px; padding-top:10px;"><a href="http://bbs.safedog.cn/thread-59182-1-1.html?from=sitedog" style="color:#268ae7; text-decoration:none; padding-right:20px;">��������ô˵��</a><a href="http://www.safedog.cn/?from=sitedog" style="color:#268ae7; text-decoration:none;">��ȫ��-��վ��ȫר��</a></div>
<div style="width:900px; height:600px; margin:0 auto;">
<iframe allowtransparency=" true" src="http://404.safedog.cn/sitedog_stat.html" frameborder="no" border="0" style="width:900px; height:600px;" >
</iframe>
</div>
</body>
</html>
WebPath: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gbk2312" />
<title>��վ����ǽ</title>
</head>
<style>
p {
line-height:20px;
}
ul{ list-style-type:none;}
li{ list-style-type:none;}
</style>
<body style=" padding:0; margin:0; font:14px/1.5 Microsoft Yahei, ����,sans-serif; color:#555;">
<div style="margin: 0 auto; width:1000px; padding-top:70px; overflow:hidden;">
<div style="width:300px; float:left; height:200px; background:url(http://404.safedog.cn/images/safedogsite/broswer_logo.jpg) no-repeat 100px 60px;"></div>
<div style="width:600px; float:left;">
<div style=" height:40px; line-height:40px; color:#fff; font-size:16px; overflow:hidden; background:#6bb3f6; padding-left:20px;">��վ����ǽ </div>
<div style="border:1px dashed #cdcece; border-top:none; font-size:14px; background:#fff; color:#555; line-height:24px; height:220px; padding:20px 20px 0 20px; overflow-y:auto;background:#f3f7f9;">
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><span style=" font-weight:600; color:#fc4f03;">����������в��Ϸ��������ѱ���վ����Ա�������أ�</span></p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">����ԭ�����ύ�����ݰ���Σ�յĹ�������</p>
<p style=" margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:1; text-indent:0px;">�����</p>
<ul style="margin-top: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; -qt-list-indent: 1;"><li style=" margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">1������ύ���ݣ�</li>
<li style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">2������վ�йܣ�����ϵ�ռ��ṩ�̣�</li>
<li style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">3����ͨ��վ�ÿͣ�����ϵ��վ����Ա��</li></ul>
</div>
</div>
</div>
<div style="width:900px; margin:0 auto; text-align:right; padding-right:100px; padding-top:10px;"><a href="http://bbs.safedog.cn/thread-59182-1-1.html?from=sitedog" style="color:#268ae7; text-decoration:none; padding-right:20px;">��������ô˵��</a><a href="http://www.safedog.cn/?from=sitedog" style="color:#268ae7; text-decoration:none;">��ȫ��-��վ��ȫר��</a></div>
<div style="width:900px; height:600px; margin:0 auto;">
<iframe allowtransparency=" true" src="http://404.safedog.cn/sitedog_stat.html" frameborder="no" border="0" style="width:900px; height:600px;" >
</iframe>
</div>
</body>
</html>
====================================================================================================================================
Struts2及jboss漏洞利用工具
5星 · 超过95%的资源 需积分: 50 12 浏览量
2015-08-06
13:48:21
上传
评论 1
收藏 9.13MB ZIP 举报 
Struts2及jboss漏洞利用工具.zip (6个子文件) 
Struts2及jboss漏洞利用工具 
jboss_exploit_fat使用说明.txt 2KB K8_Struts2_EXP 
K8fuck.htm 6KB
K8_Struts2_EXP.exe 87KB Target.txt 8KB Evernote.enex 8.53MB
jboss_exploit_fat.jar 4.92MB资源评论
哈哈哈哈121382016-05-17谢谢楼主,学习一下哈
ladengnb2016-04-27Very Good!Thank U!
heartsdream20082016-07-25已经有补丁了
