Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/oppsec/pwnfaces

😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
https://github.com/oppsec/pwnfaces

cve cve-2017-1000486 elinjection exploit golang linux primefaces redteam

Last synced: 3 months ago
JSON representation

😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)

Awesome Lists containing this project

README 

        
# 😛 pwnfaces

> Primefaces 5.X EL Injection Exploit





    










    

    

    

    

    




___







### 🕵️ What is pwnfaces?

🕵️ **pwnfaces** is a Golang tool created to exploit the vulnerability defined as CVE-2017-1000486 (EL Injection in PrimeFaces 5.X)







### ⚡ Installing / Getting started



A quick guide of how to install and use pwnfaces.



```shell

1. go install github.com/oppsec/pwnfaces@latest

2. pwnfaces -u http://127.0.0.1:8090/javax.faces.resource/dynamiccontent.properties.xhtml

```



You can use `go install github.com/oppsec/pwnfaces@latest` to update the tool








### ⚙️ Pre-requisites

- [Golang](https://go.dev/dl/) installed on your machine.








### ✨ Features

- Extremely fast

- Low RAM and CPU usage

- Made in Golang








### 🔨 Contributing



A quick guide of how to contribute with the project.



```shell

1. Create a fork from pwnfaces repository.

2. Download the project with git clone https://github.com/your/pwnfaces.git

3. cd pwnfaces/

4. Make your changes.

5. Commit and make a git push.

6. Open a pull request.

```








### ⚠️ Warning

- The developer is not responsible for any malicious use of this tool.