# CVE-2017-5638
## Table of Contents
1. [Overview](#section-features)
2. [Dependencies](#section-dependencies)
3. [Usage](#section-usage)
## [Overview](id:section-featuers)
This project is a prove-of-concept for the Apache Struts vulnerabilty.
The goal was to create software that can generate and test random IPs for the vulnerabilty described above.
Use this project on your own risk and for educational purpose only.
## [Dependencies](id:section:dependencies)
* cURL
* cURL is used to send the crafted header to a certain IP address on a certain Port.
* Nmap
* Nmap is used to create the random IP addresses that contains an open port 80 or 443.
## [Usage](id:section-usage)
**Generate random IPs and save them to a text file.**
```bash
./get_ip.sh [Number of hosts to scan] [What port to scan] [Filename to write output]
```
```bash
./get_ip.sh 10000 80 output.txt
```
**Check for vulnerability for a specific IP address.**
```bash
./struts_check.sh [ip address] [port]
```
```bash
./struts_check.sh 127.0.0.1 80
```
**Check for vulnerability for a list of IP addresses.**
```bash
./main.sh [Text file containing IP adresses] [Port]
```
```bash
./main.sh output.txt 443
```
**Execute a command on a server without the Apache struts vulnerability patch**
```bash
./struts_attack.sh [IP Adres] [Command]
```
```bash
./struts_attack.sh https://127.0.0.1 whoami
```
Log in to view the POC file snapshot cached by Shenlong Bot
Log in to view