API tools faq
paste
Advertisement
TVT618

Apache-Struts-Shodan-Exploit

TVT618
Aug 31st, 2018
301
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.93 KB | None | 0 0
raw download clone embed print report
  1. APACHE STRUTS SHODAN EXPLOIT POC
  2. Author: @037
  3.  
  4. Original code can be found here.
  5.  
  6. This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers. Shodan search parameter has been left out to weed out any skids trying to use this tool for malicious reasons. This tool is created to be treated as a proof of concept for researchers not an attack tool.
  7. It's important to also mention this tool verifies if the host is vulnerable before performing the exploit process. Making simulated attacks stealthy.
  8.  
  9. Install and Run:
  10. sudo apt-get install python3 python3-pip
  11. sudo pip3 install shodan
  12. git clone https://github.com/649/Apache-Struts-Shodan-Exploit ApacheShodan
  13. cd ApacheShodan
  14. python3 Struts.py
  15.  
  16. Using Shodan API
  17. This tool requires you to own an upgraded Shodan API
  18. You may obtain one for free in Shodan if you sign up using a .edu email.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!