Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-17530 PoC — Apache Struts 代码注入漏洞

Source
https://github.com/killmonday/CVE-2020-17530-s2-061
Associated Vulnerability
Title:Apache Struts 代码注入漏洞 (CVE-2020-17530)
Description:Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
Readme
# CVE-2020-17530-s2-061
> s2-061图形化界面的exp,only for fun and practice



# 使用

```
python CVE-2020-17530.py
```

- 填入目标地址

- 填入欲执行的系统命令

- 点击执行

![Image text](images/usage.png)

  PS:exp中内置了反弹shell函数,但懒得在GUI上添加相应的按钮和配置项,点到为止
File Snapshot

 [4.0K]  /data/pocs/fe64283924150042c7f4fd2b28f34cc650cd9173
├── [1.8K]  CVE-2020-17530.py
├── [2.0K]  exp.py
├── [4.0K]  images
│   ├── [   1]  1
│   └── [2.1M]  usage.png
└── [ 343]  README.md

1 directory, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →