Chinese Exploit Tool: http://www.blackxl.org/struts2-s2-016-exp-cve-2013-2251.html





July 17, 2013 is a safe operation and maintenance of many hackers sleepless nights… Struts2 risk vulnerabilities cause massive information leakage will affect countless Internet users (likely no one can escape ......) exploit vulnerabilities, hackers can initiate a remote attack , ranging from theft of website data, serious web server can obtain control over the composition and operation of information disclosure threats.

It clouds the current master of the situation: Struts vulnerability enormous impact, the affected site to electricity providers, banks, portals, government majority. And some automation, fool use tools began to appear, fill in the address server commands can be executed directly, or even directly read data off and other operations ...

The following is a National Computer Network Emergency Response Technical Team Coordination Center released on Apache Struts2 Remote Command Execution Vulnerability and open redirect high-risk high-risk vulnerabilities briefing:

The security bulletin number: CNTA-2013-0022

Recently, the center sponsored by the National Information Security Vulnerability Apache Struts sharing platform included the presence of a remote command execution vulnerability and an open redirect vulnerability (ID: CNVD-2013-28972, corresponding to the CVE-2013-2251; CNVD-2013-28979, corresponds to CVE-2013-2248). Exploited, can be initiated by remote attackers, ranging from websites to steal data, serious web server can obtain control over the composition and operation of information disclosure threats. The relevant information is as follows:

I. Analysis of Vulnerability

Struts2 is the second generation based on Model-View-Controller (MVC) model java enterprise-class web application framework. It is the WebWork and Struts communities merged product. Specific analysis is as follows:

1, Apache Struts Remote Command Execution Vulnerability

Because Apache Struts2 of action:, redirect: and redirect Action: Prefix parameter in achieving its function during the use of the Ognl expression and user submitted content to fight through the URL access Ognl expression, resulting in a malicious attacker can construct URL to execute arbitrary Java code, and then execute arbitrary commands.

2, Apache Struts open redirect vulnerabilities

Apache Struts 2DefaultActionMapper short path redirection parameters in dealing with the prefix "redirect:" or "redirect Action:" When there is an open redirect vulnerability allows remote attackers to exploit Operation "redirect:" or "redirect Action:" After the information, redirect URL to any location.

Second, the vulnerability assessment

CNVD for remote command execution vulnerability (CNVD-2013-28972) and an open redirect vulnerability (CNVD-2013-28979) is rated "high risk" due to redirect: and redirect Action: This two prefix Struts functionality enabled by default, so Apache Struts 2.3.15.1 The following versions affected by the vulnerability. The vulnerability to China in 2012 and important information systems within government departments, enterprises and institutions website pose a serious threat vulnerability (ID: CNVD-2013-25061, corresponding to the CVE-2013-1966) compared to the same technology and the affected rating releases.

Third, the proposed disposal loopholes

The vendor has released Apache Struts 2.3.15.1 to fix this security vulnerability, we recommend that Struts users time to upgrade to the latest version.


This blog is so popular, and I wanna say if you are interested in video conferencing, you can click the video conferencing or copy V2 video conference in the Google. 

'Hacking' 카테고리의 다른 글

Secure Coding  (0) 2013.09.21
script  (0) 2013.07.24
unlock android password  (0) 2013.07.18
salted password hashing  (0) 2013.07.11
Stealing saved passwords from your friend’s laptop  (0) 2013.07.11
Posted by CEOinIRVINE
l