cve-2017-5638

cve-2017-5638 Vulnerable site sample

This project aims to demonstrate the CVE-2017-5638 exploitation for educational purpose. For more informations, see https://cwiki.apache.org/confluence/display/WW/S2-045

Legal Disclaimer

This project is made for educational and ethical testing purposes only. Attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Getting started

Start the docker container :

docker run -d -p 8080:8080 jrrdev/cve-2017-5638:latest

Download the exploit script on the attacker machine here
Run the python exploit script from the attacker machine :

python exploit.py http://<DOCKER_HOST>:8080/hello "ls -l"

Name		Name	Last commit message	Last commit date
Latest commit History 25 Commits
docker		docker
exploit		exploit
src/main		src/main
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

cve-2017-5638

Legal Disclaimer

Getting started

About

Releases

Packages

Languages

License

jrrdev/cve-2017-5638

Folders and files

Latest commit

History

Repository files navigation

cve-2017-5638

Legal Disclaimer

Getting started

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages