CVE-2016-3088

This Metasploit module exploits CVE-2016-3088 in Apache ActiveMQ by uploading a malicious JAR and JSP file via HTTP PUT and MOVE requests, achieving remote code execution. It leverages file upload and directory traversal to deploy a payload.

This exploit demonstrates a directory traversal vulnerability in Apache ActiveMQ's fileserver functionality on Windows systems, allowing an attacker to upload arbitrary files, including a JSP shell, leading to remote code execution. The PoC includes steps to overwrite configuration files and upload a malicious JSP file to achieve RCE.

This repository contains a functional exploit for CVE-2016-3088, which targets Apache ActiveMQ's arbitrary file write vulnerability. The code checks for default credentials, then exploits the vulnerability to write a JSP file to the server and verify its execution.

This repository contains a functional Python exploit for CVE-2016-3088, which targets Apache ActiveMQ. The exploit leverages a directory traversal vulnerability to upload a malicious JSP file, achieving remote code execution (RCE) by writing a webshell to the server.

This repository contains a functional Python exploit for CVE-2016-3088, which leverages an arbitrary file upload and move vulnerability in Apache ActiveMQ's Fileserver web application to achieve remote code execution via a JSP webshell.

This repository contains a functional Python exploit for CVE-2016-3088, targeting Apache ActiveMQ. The exploit leverages weak default credentials and a file upload vulnerability to achieve remote code execution by deploying a JSP webshell.

This repository contains a Java-based tool for detecting and exploiting multiple Apache ActiveMQ vulnerabilities, including CVE-2016-3088. It includes a GUI for environment detection, authentication handling, and exploit execution.

The repository contains a functional exploit for CVE-2016-3088, which leverages arbitrary file upload via the ActiveMQ Fileserver PUT/MOVE methods to achieve remote code execution (RCE). The exploit uploads a malicious JSP file and executes commands on the target system.

This repository contains a functional Python exploit for CVE-2016-3088, which targets Apache ActiveMQ 5.x to 5.14.0. The exploit leverages a file upload vulnerability to deploy a JSP webshell, enabling remote code execution (RCE) via crafted HTTP requests.

This repository contains a functional exploit for CVE-2016-3088, which allows remote code execution in Apache ActiveMQ via directory traversal and file upload vulnerabilities. The exploit uploads a JSP shell to the target server and provides a web interface for command execution.

This repository contains a functional Python exploit for CVE-2016-3088, an arbitrary file write vulnerability in Apache ActiveMQ. The exploit authenticates with default credentials, writes a malicious file via the fileserver endpoint, and moves it to a web-accessible directory to achieve remote code execution.

This repository contains a functional exploit for CVE-2016-3088, which targets Apache ActiveMQ. The exploit leverages arbitrary file upload and move operations to deploy a malicious JSP file, achieving remote code execution (RCE).

This Metasploit module exploits CVE-2016-3088 in Apache ActiveMQ 5.x before 5.14.0 by uploading a malicious JAR and JSP file via HTTP PUT and MOVE requests, achieving remote code execution.