Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.
PoC: struts-pwn
An exploit for Apache Struts CVE-2017-5638
PoC: Struts2-045-Exp
Struts2 S2-045(CVE-2017-5638)Exp with GUI
PoC: strutszeiro
Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)
PoC: apache-struts2-CVE-2017-5638
Demo Application and Exploit
PoC: S2-045-EXP-POC-TOOLS
S2-045 漏洞 POC-TOOLS CVE-2017-5638
PoC: S2-045
Struts2 S2-045(CVE-2017-5638)Vulnerability environment - http://www.mottoin.com/97954.html
PoC: st2-046-poc
st2-046-poc CVE-2017-5638
PoC: Struts-Apache-ExploitPack
These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)
PoC: cve-2017-5638
cve-2017-5638 Vulnerable site sample
PoC: cve-2017-5638
Example PoC Code for CVE-2017-5638 | Apache Struts Exploit
PoC: strutsy
Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability
PoC: CVE-2017-5638
Apache Struts 2.0 RCE vulnerability - Allows an attacker to inject OS commands into a web application through the content-type header
PoC: struts2-rce
Exploitable target to CVE-2017-5638
PoC: CVE-2017-5638_struts
detection for Apache Struts recon and compromise
PoC: CVE-2017-5638
Struts02 s2-045 exploit program
PoC: Apache-Struts-2-CVE-2017-5638-Exploit-
Exploit created by: R4v3nBl4ck end Pacman
PoC: StrutsShell
Apache Struts (CVE-2017-5638) Shell
PoC: CVE-2017-5638
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution - Shell Script
PoC: struts2-jakarta-inject
Golang exploit for CVE-2017-5638
PoC: Strutscli
Struts2 RCE CVE-2017-5638 CLI shell
PoC: Strutshock
Struts2 RCE CVE-2017-5638 non-intrusive check shell script
PoC: CVE-2017-5638-Apache-Struts2
Example PHP Exploiter for CVE-2017-5638
PoC: ExpStruts
A php based exploiter for CVE-2017-5638.
PoC: CVE-2017-5638-Apache-Struts2
Tweaking original PoC (https://github.com/rapid7/metasploit-framework/issues/8064) to work on self-signed certificates
PoC: CVE-2017-5638
CVE-2017-5638 Exploit Rewritten In Python By haxerr9
PoC: struts_hack
An implementation of CVE-2017-5638
PoC: XworkStruts-RCE
(CVE-2017-5638) XworkStruts RCE Vuln test script
PoC: check_struts
Apache Struts version analyzer (Ansible) based on CVE-2017-5638
PoC: struts-rce
Apache Struts CVE-2017-5638 RCE exploitation
PoC: struts2_cve-2017-5638
This is a sort of Java porting of the Python exploit at: https://www.exploit-db.com/exploits/41570/.
PoC: cybersecurity-struts2
Struts2 Application Vulnerable to CVE-2017-5638. Explains how the exploit of the vulnerability works in relation to OGNL and the JakartaMultiPart parser.
PoC: struts-rce-cve-2017-5638
Struts-RCE CVE-2017-5638
PoC: S2-046_S2-045_POC
S2-046|S2-045: Struts 2 Remote Code Execution vulnerability(CVE-2017-5638)
PoC: OgnlContentTypeRejectorValve
This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)
PoC: apache-struts-cve-2017-5638-project
Attack and Defense course project focused on CVE-2017-5638 analysis, exploitation, and mitigation.
PoC: SC3010-Computer-Security
Recreating OGNL Expression Injection vulnerability CVE-2017-5638.
PoC: vulhub-struts2
A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container.
PoC: CVE-2017-5638-assignement
Software Security & Privacy ~ Assignement 3 : CVE PoC
PoC: Apache-Struts2-CVE-2017-5638
CVE-2017-5638- PoC
PoC: Computer-Security-Equifax-2017
A hands-on simulation of CVE-2017-5638 (Apache Struts2 RCE), showcasing exploit reproduction, OS-level command execution, and mitigations such as input sanitization and endpoint monitoring. Built in Python/Flask with Jupyter notebook demos
PoC: PoC-CVE-2017-5638
Apache Struts2 CVE-2017-5638 (Safe Educational Demo)
PoC: Detection-struts-cve-2017-5638-detector
Real-time anomaly detection system for Apache Struts CVE-2017-5638 exploit using streaming analytics, 3-gram byte analysis, and Count-Min Sketch. Detects RCE attacks without signatures, with <5ms latency and <0.1% false positives.
PoC: DeliberatelyVulnerableWebApp
A Deliberately Vulnerable Web Application built on Struts 2 (CVE-2017-5638) and Log4J (CVE-2021-44228) for testing and demonstration of OWASP Top 10 Web Application Security Risks: A06:2021-Vulnerable and Outdated Components.
PoC: CVE-2017-5638-POC
Proof of concept of CVE-2017-5638 including the whole setup of the Apache vulnerable server
PoC: CVE-2017-5638-PoC
This repository provides a PoC for CVE-2017-5638, a remote code execution vulnerability in Apache Struts 2, exploitable via a crafted Content-Type HTTP header.
PoC: web-application-firewall-
This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware blocks HTTP requests containing specific patterns, and the vulnerability checker tests for and exploits the Apache Struts 2 vulnerability (CVE-2017-5638).
PoC: CVE-2017-5638-ApacheStruts2.3.5
A exploit for CVE-2017-5638. This exploit works on versions 2.3.5-2.3.31 and 2.5 – 2.5.10
PoC: CVE-2017-5638
An exploit for CVE-2017-5638
PoC: Exploit-CVE-2017-5638
this exemple of application permet to test the vunerability CVE_2017-5638
PoC: CVE-2017-5638
This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock.
PoC: vulnerability_struts-2.3.31
Build the struts-2.3.31 (CVE-2017-5638) environment
PoC: CVE-2017-5638
PoC for CVE: 2017-5638 - Apache Struts2 S2-045
PoC: struts2-rce
Exploitable target to CVE-2017-5638
PoC: Aspire
CVE-2017-5638
PoC: cve-2017-5638
Demo app of THAT data broker's security breach
PoC: CVE-2017-5638
CVE-2017-5638 (PoC Exploits)
PoC: apache-struts-v2-CVE-2017-5638
Working POC for CVE 2017-5638
PoC: Common-Vulnerability-and-Exploit
This is the Apache Struts CVE-2017-5638 struts 2 vulnerability. The same CVE that resulted in the equifax database breach.
PoC: Apache-Struts
An exploit for Apache Struts CVE-2017-5638
PoC: strutser
Check for Struts Vulnerability CVE-2017-5638
PoC: CVE-2017-5638
CVE-2017-5638 Test environment
PoC: Struts2Shell
An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.
PoC: Stutsfi
An exploit for CVE-2017-5638 Remote Code Execution (RCE) Vulnerability in Apache Struts 2
PoC: Struts2-045-Exp
CVE-2017-5638
PoC: S2-Reaper
CVE-2017-5638
PoC: CVE-2017-5638
CVE: 2017-5638 in different formats
PoC: test_struts2_vulnerability_CVE-2017-5638
test struts2 vulnerability CVE-2017-5638 in Mac OS X
PoC: strutszeiro
Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free