|

Set up Metasploit Module for Apache Struts 2 REST ( CVE-2017-9805 POC )

Byferit

A critical vulnerability that could completely compromise an apache struts web server was reported by a research team at LGTM  (tracked as CVE-2017-9805 ( S2-052 )). Successful exploitation of this vulnerability could lead to RCE (Remote Code Execution), taking full control over the server and a failed attempt can lead to Denial of Service.

Apache struts is an open source application for building web applications using java. All the web applications that are using this the famous REST application is now vulnerable to this attack. This plugin fails to handle XML payloads while de-serializing them.

Metasploit Module For Apache Struts 2 REST (CVE-2017-9805)

A metasploit module designed for exploiting this vulnerability was released today. Using this module, vulnerable websites can be exploited and easily gain a shell. The name of this module is ‘struts2_rest_xstream’

How to install Metasploit Module for Struts?

Watch Video Tutorial

Download Metasploit Module For Apache Struts 2 REST (CVE-2017-9805)

First you have to download the module by executing the command

wget https://raw.githubusercontent.com/wvu-r7/metasploit-framework/5ea83fee5ee8c23ad95608b7e2022db5b48340ef/modules/exploits/multi/http/struts2_rest_xstream.rb

Next you will have to move this downloaded file to metasploits directory

cp struts2_rest_xstream.rb /usr/share/metasploit-framework/modules/exploits/multi/http/

Now start metasploit to check whether the module is being loaded correctly.

msfconsole

Now load the module by running

use exploit/multi/http/struts2_rest_xstream

We can see that the module is loaded correctly. Now type

show options

To view all parameters to set to execute the attack. If you face any difficulty during the installation, please let me know it in the comments.

Update 8/9/2017

This is the updated version of Metasploit Module For Apache Struts 2 REST (CVE-2017-9805)

https://github.com/rapid7/metasploit-framework/pull/8924/

Vulnerable Versions

Apache Struts 2.5 through 2.5.12 that are using REST are vulnerable to this attack.

Happy Hacking…

 

Similar Posts

New Youtube Ad Sense Monetization Policy | Enabling monetization 2017

Byferit

This post is for people who are planning to make make money from videos uploaded on youtube. They have released an article on 6th April 2017 stating that monetization rules on youtube have changed. Years ago, YouTube opened their partner program to everyone. Anyone could sign up, start uploading videos, and start making money. But…
|

ReelPhish – Defeating Two Factor Authentication Tutorial

Byferit

ReelPhish – Defeating Two Factor Authentication using Real Time Phishing Attack Social Engineering Human Beings and their vulnerabilities have always been one of the loop holes in IT security. Even though the technology; software, networks and hardware, have hardened, attackers are using common people, exploiting the lack of their knowledge to get what they want….

3 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *