Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hackers targeting servers running Apache Struts application
- Apache Struts is a popular open-source framework for developing Java-based Web applications that's maintained by the Apache Software Foundation.
- Once hackers break into a Linux-based or Windows-based server using the Struts attack tool, they can execute pre-configured commands in order to extract information about the server's operating system, directory structure, active users, and network configuration.
- The tool also allows attackers to plant a so-called Web shell that acts as a backdoor, giving them persistent access to the servers to execute other commands and use them as they see fit, Hayashi said.
- Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.
- A tool for exploiting known Struts vulnerabilities is available on Chinese hacker forums, Trend Micro researchers said
- By Lucian Constantin
- Romania Correspondent, IDG News Service | AUG 15, 2013
- https://www.infoworld.com/article/2611848/hacking/hackers-targeting-servers-running-apache-struts-applications--researchers-say.html
Add Comment
Please, Sign In to add comment