CVE-2015-5254

This repository provides a proof-of-concept exploit for CVE-2015-5254, a deserialization vulnerability in Apache ActiveMQ. It demonstrates how to achieve remote code execution by sending a malicious serialized payload to an ActiveMQ instance and triggering it via the admin interface.

This repository provides a proof-of-concept for CVE-2015-5254, an Apache ActiveMQ deserialization vulnerability. It includes steps to exploit the vulnerability by sending a malicious payload to trigger remote code execution via a reverse shell.

This repository contains a functional exploit tool for CVE-2015-5254, a deserialization vulnerability in Apache ActiveMQ. It includes a GUI-based application with modules for detecting and exploiting multiple ActiveMQ vulnerabilities, including CVE-2015-5254, with support for generating payloads and executing reverse shells.

This repository demonstrates the exploitation of CVE-2015-5254, a deserialization vulnerability in Apache ActiveMQ versions up to 5.13.0. The PoC uses the 'jmet' tool to send a malicious JMS ObjectMessage payload to execute arbitrary commands (e.g., 'touch /tmp/success') on the target system.