Struts2 exploits tool Devmode version released with the source code-the vulnerabilities and early warning-the black bar safety net

2016-07-13T00:00:00
ID MYHACK58:62201676875
Type myhack58
Reporter 佚名
Modified 2016-07-13T00:00:00

Description

! *Disclaimer: This tool is for security testing purposes, the prohibition of the illegal use. Please pay attention and check the tool Safety. When Struts2 turn on devMode mode, will lead to a serious remote code execution vulnerability. If the WebService to start a permission is the highest permission, can remotely execute arbitrary commands, including shutdown, to establish a new user, and delete on the server all the files and so on. Exploit tool download address: http://pan.baidu.com/s/1hrUuH7Y extract password: aagr Source address: http://pan.baidu.com/s/1i4L5pa9 extract password: xa4d