Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-46604 PoC — Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a

Source
https://github.com/evkl1d/CVE-2023-46604
Associated Vulnerability
Title:Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack (CVE-2023-46604)
Description:The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue.
Readme
# CVE-2023-46604

This repository contains an exploit script and a Proof of Concept (PoC) XML file for the CVE-2023-46604 vulnerability affecting Apache ActiveMQ. The vulnerability allows for remote code execution due to unsafe deserialization practices within the OpenWire protocol.

## Description

CVE-2023-46604 is a deserialization vulnerability that exists in Apache ActiveMQ's OpenWire protocol. This flaw can be exploited by an attacker to execute arbitrary code on the server where ActiveMQ is running. The exploit script in this repository automates the process of sending a crafted request to the server to trigger the vulnerability.

## Repository Contents

- `exploit.py` - The main Python exploit script that triggers the vulnerability.
- `poc.xml` - An XML file that serves as a proof of concept for the exploit.

## Prerequisites

Before running the exploit script, ensure that you have:

- Python 3.x installed on your system.
- Network access to the vulnerable ActiveMQ server.
- The URL to the `poc.xml` file, which should be accessible by the target ActiveMQ server.

## Usage

To use the exploit script, you need to provide the IP address of the target ActiveMQ server, the port number (default is 61616), and the URL to the `poc.xml` file.

```
python exploit.py -i <target-ip> -p <target-port> -u <url-to-poc.xml>
```

Replace `<target-ip>`, `<target-port>`, and `<url-to-poc.xml>` with the appropriate values for your target environment.

## Credits
The exploit script provided in this repository is based on an original exploit written in Go by [X1r0z](https://github.com/X1r0z/ActiveMQ-RCE). The Python version aims to provide a similar exploit in a different programming language while maintaining the effectiveness of the original exploit.

## Disclaimer

This exploit is provided for educational purposes only. The authors of this repository are not responsible for any misuse or damage caused by this material. Use it at your own risk.

## Contact

If you have any questions or feedback regarding this exploit, please open an issue in this repository.
File Snapshot

 [4.0K]  /data/pocs/fdd8365bde9fed568774c0336d44356054a138a5
├── [1.8K]  exploit.py
├── [ 666]  poc.xml
└── [2.0K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →