{"id":20658106,"url":"https://github.com/deepfence/apache-struts","last_synced_at":"2025-04-19T13:19:16.045Z","repository":{"id":109003500,"uuid":"386460089","full_name":"deepfence/apache-struts","owner":"deepfence","description":"This repository contains sample attacks that can be used to exploit vulnerabilities in the Jakarta Multipart Parser of Apache Struts","archived":false,"fork":false,"pushed_at":"2021-07-16T04:29:52.000Z","size":10,"stargazers_count":20,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-29T08:11:38.760Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deepfence.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-16T00:25:57.000Z","updated_at":"2024-01-06T04:45:55.000Z","dependencies_parsed_at":"2023-04-10T01:02:12.998Z","dependency_job_id":null,"html_url":"https://github.com/deepfence/apache-struts","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepfence%2Fapache-struts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepfence%2Fapache-struts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepfence%2Fapache-struts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepfence%2Fapache-struts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deepfence","download_url":"https://codeload.github.com/deepfence/apache-struts/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249702807,"owners_count":21312761,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-16T18:24:50.931Z","updated_at":"2025-04-19T13:19:16.039Z","avatar_url":"https://github.com/deepfence.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Description\r\nThis project is derived from the original project found [here](https://github.com/jrrdev/cve-2017-5638) and aims to demonstrate the [CVE-2017-5638](https://www.google.com/search?q=CVE-2017-5638\u0026rlz=1C5CHFA_enUS940US940\u0026oq=CVE-2017-5638\u0026aqs=chrome..69i57.2371j0j1\u0026sourceid=chrome\u0026ie=UTF-8) exploitation found in vulnerable versions of Apache Struts.\r\n\r\n\r\n### Build\r\n1. Apache Struts application container image\r\n   \r\n   ```\r\n   ./build.sh --registry \u003cregistry_name\u003e --type app --push\r\n   ```\r\n\r\n2. Apache Struts exploit container image\r\n   \r\n   ```\r\n   ./build.sh --registry \u003cregistry_name\u003e --type exploit --push\r\n   ```\r\n\r\n### Run Apache Struts Application (Kubernetes)\r\n1. In the `apache-struts.yaml` manifest file and update the`image` key to point to the `apache-struts-app` container image created in the previous setp. Update or delete `impagePullSecrets` as necessary.\r\n\r\n2. Deploy the Apache Struts pods:\r\n   \r\n   ```\r\n   kubectl apply -f 1-deployment.yaml\r\n   ```\r\n   \r\n3. Deploy the Apache Struts service (external load balancer):\r\n   \r\n   ```\r\n   kubectl apply -f 2-service.yaml\r\n   ```\r\n\r\n### Run Apache Struts Exploit (Docker)\r\n1. To run the standard Apache Struts exploit, modify the `image`, `host`, `src_ip`, and `dst_ip` variables in the `run_exploit.sh` file for your requirements and run the shell script:\r\n   \r\n   ```\r\n   ./run_exploit.sh\r\n   ```\r\n   \r\n2. To run the reverse web shell Apache Struts exploit, modify the `image`, `host`, `port`, `src_ip`, and `src_port` variables in the `run_webshell.sh` file for your requirements and open the designated `src_port` on the exploit host using `netcat`:\r\n\r\n   ```\r\n   nc -lvp \u003csrc_port\u003e\r\n   ```\r\n   \r\n   On the same exploit host but in a new terminal window, run the shell script:\r\n   \r\n   ```\r\n   ./run_webshell.sh\r\n   ```\r\n   \r\n   Once the exploit has completed and the `GET` response has been returned, you should have full shell access to the host, pod, or container as `root` user.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepfence%2Fapache-struts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeepfence%2Fapache-struts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepfence%2Fapache-struts/lists"}