tag:blogger.com,1999:blog-5582695980924924337.post3346333365386632377..comments2022-12-10T02:04:25.256-08:00Comments on Atucom: Apache Struts 2 Vulnerability & Exploit (CVE-2018-11776)Unknownnoreply@blogger.comBlogger3125tag:blogger.com,1999:blog-5582695980924924337.post-72832801127870347072018-08-28T07:26:52.672-07:002018-08-28T07:26:52.672-07:00Did you get it working on 2.3.x version. I tried ...Did you get it working on 2.3.x version. I tried on 2.3.34 without success.Anonymoushttps://www.blogger.com/profile/15895707711564580732noreply@blogger.comtag:blogger.com,1999:blog-5582695980924924337.post-7273232980074277022018-08-23T23:23:47.166-07:002018-08-23T23:23:47.166-07:00<3 mass!<3 mass!InurlBRhttps://www.blogger.com/profile/12688503833321390298noreply@blogger.comtag:blogger.com,1999:blog-5582695980924924337.post-8467196726779818742018-08-23T09:32:33.027-07:002018-08-23T09:32:33.027-07:00Hi!
First I would like to thank you for taking th...Hi!<br /><br />First I would like to thank you for taking the time and sharing this PoC with the community. I am currently wondering if this PoC could be lightly modded in order to try it on any *.action page which runs on Apache Struts2.<br /><br />I've replaced the target for:<br />target = sys.argv[1]<br /><br />And also the 'actionChain1.action' at the end of the payload for my &#syrius01https://www.blogger.com/profile/16649902221111127256noreply@blogger.com