Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/prakharathreya/Struts2-RCE

A Burp Extender for checking for struts 2 RCE vulnerabilities.
https://github.com/prakharathreya/Struts2-RCE

burp-extensions struts2 struts2-rce

Last synced: 22 days ago
JSON representation

A Burp Extender for checking for struts 2 RCE vulnerabilities.

Awesome Lists containing this project

README 

        
# Struts2-RCE

A Burp Extender to check for struts 2 RCE vulnerabilities.



# Description



This burp extension helps identify Struts2 remote code execution vulnerabilities in the struts2 web application. This Burp extension detects the following 18 RCEs: 



* S2-001 

* S2-007

* S2-008

* S2-012

* S2-013

* S2-014

* S2-015

* S2-016

* S2-019

* S2-029

* S2-032

* S2-033

* S2-037

* S2-045

* S2-048

* S2-053

* S2-057

* S2-DevMode



## Loading the extension



```bash

Burp Suite->Extender->Add->Select the Struts.jar file->Next.

```

Once loaded without any error a new tab will pop up within the existing burp instance.



## Usage



A single HTTP request can be scanned just by Right-clicking on the selected request and clicking on 'Check for Struts RCE'.



Scanning multiple requests or scanning a complete application requires a complete crawl of the application. Note, this extension will not attempt to find any new parameter rather it will target only the existing parameters.



```bash

Burp->Target->Site map->Contents->Select all the URLs to be scanned->Right click->'Check for Struts RCE'.

```



If the URL or any parameter is prone to any Struts2 vulnerabilities it will populate under the “Struts Finder” tab. If not vulnerable, no data will reflect.



**Note:** Make sure **Extender** is checked under **Session Handling Rules**.

```bash

Burp->Project options->Session Handling Rules->Click on Edit->Scope->Tools Scope->Check mark Extender->Save.

```



**Credits**



* Prakhar Athreya