How Apache Struts2 Vulnerabilities Can Compromise Your Security!?

Dear Readers,

It’s a fresh start to the week for us, & as part of our ongoing effort to spread cyber security awareness we’ve gone the extra mile to bring you rich blog posts about tales & adventures at Defencely Lab. We are going to explain & demonstrate how we chained together critical pieces of information to gain access to millions of customer accounts, in order to safeguard our valued clientele proactively.

The majority of our clientele are major finance brokering companies, & we’d like to add that as the industry matures under the leadership of real-time markets, it’s critical to retain that value accordingly: an online heist would certainly mean a financial loss to a growing company.

Getting remote command execution using the Struts2 vulnerability (CVE-2017-5638).

The vulnerability exists in the Jakarta-based file upload Multipart parser. There are public exploits available; we are using one of them to save time.

Credits: https://github.com/mazen160
Exploit: https://github.com/mazen160/struts-pwn

Use Git to clone the repository.

Use the -h help flag to get more details on the flags & on using the exploit. The --check flag helps us verify whether the target is vulnerable.

And that is how you get code execution.
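From the defender's side, the same weakness gives a clean detection point. The following is an added example, not code from the original post or from the struts-pwn tool: it scans constructed web-server log lines (the log format and the sample lines are assumptions) and flags requests whose Content-Type header carries an OGNL expression marker or is not a valid media type at all, which is how CVE-2017-5638 exploitation attempts reach the Jakarta Multipart parser.

```python
import re

# CVE-2017-5638 is triggered through the Content-Type header of a multipart request:
# the Jakarta Multipart parser copies a malformed header value into an error message
# that is then evaluated as OGNL. A benign media type never contains "%{" or "${".
OGNL_MARKER = re.compile(r"[%$]\{")

# Strict grammar for a benign Content-Type: type/subtype plus optional name=value params.
VALID_CONTENT_TYPE = re.compile(
    r'^[\w.+-]+/[\w.+-]+(\s*;\s*[\w.-]+=("[^"]*"|[^;\s]+))*\s*$'
)

# Constructed log format (assumption): <client_ip> <method> <path> ct="<Content-Type>"
LOG_LINE = re.compile(r'^(?P<ip>\S+) (?P<method>\S+) (?P<path>\S+) ct="(?P<ct>[^"]*)"$')

def classify_content_type(value: str) -> str:
    """'suspicious' if the header carries an OGNL marker, 'malformed' if it is
    not a valid media type (worth a second look), otherwise 'ok'."""
    if OGNL_MARKER.search(value):
        return "suspicious"
    if not VALID_CONTENT_TYPE.match(value):
        return "malformed"
    return "ok"

def scan_log(lines):
    """Return (client_ip, path, verdict) for every request whose Content-Type
    is not 'ok'; lines that do not follow the assumed format are skipped."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue
        verdict = classify_content_type(m.group("ct"))
        if verdict != "ok":
            findings.append((m.group("ip"), m.group("path"), verdict))
    return findings

# Constructed sample log: two benign requests, one header carrying an OGNL
# marker, and one header that is not a valid media type at all.
SAMPLE_LOG = [
    '10.0.0.5 POST /upload.action ct="multipart/form-data; boundary=----abc123"',
    '10.0.0.6 GET /index.action ct="text/html"',
    '203.0.113.9 POST /upload.action ct="%{#probe}"',
    '203.0.113.9 POST /upload.action ct="multipart/form-data; boundary"',
]

if __name__ == "__main__":
    for ip, path, verdict in scan_log(SAMPLE_LOG):
        print(f"{verdict:10} {ip:15} {path}")
```

The "malformed" verdict is deliberately separate from "suspicious": it catches probes that break the media-type grammar without an obvious marker, at the cost of some noise from buggy clients.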

That’s all we have for now. Look forward to more amazement at Defencely Red Team Operations Labs next week, with yet another story of how we’re adding value to our customer base with an insider threat program as well as routine, sound & offensive Vulnerability Assessments followed by Penetration Tests of critical applications, both at the staging level & on production. Our manual security assessment methods have proved the best value. Feel free to touch base at shritam@defencely.com, Shritam Bhowmick, Red Team Lead @Defencely, for any Security Operations related queries, or say “Hi” to us at hi@defencely.com for inquiries.

We should see you again next week with another operational tale from the broad security premises, where 0days are always a possibility & a security compliance issue is always close by, one which will sooner or later be a decision for Indian E-Commerce management & stakeholders.

Let’s act proactively.