CVE-2020-17530

This PoC exploits CVE-2020-17530 (Struts2 RCE via OGNL injection) by crafting a malicious payload that executes arbitrary commands (e.g., launching Calculator on macOS). The Python script sends the payload via HTTP POST to a vulnerable Struts2 endpoint.

This repository contains two Python scripts demonstrating exploitation of CVE-2020-17530 (Struts2 S2-061), a remote code execution vulnerability. The scripts include a command execution PoC and a reverse shell payload, both leveraging OGNL injection via crafted payloads.

This repository contains a working PoC for CVE-2020-17530 (S2-061), demonstrating remote code execution via OGNL injection in Apache Struts2. The exploit leverages Freemarker template utility to execute arbitrary commands.

This PoC exploits CVE-2020-17530, a remote code execution vulnerability in Apache Struts2 due to unsafe OGNL expression evaluation. It constructs a malicious payload to execute arbitrary commands via a crafted URL parameter.

The repository contains only a README file with no exploit code or technical details. No actionable PoC or exploit logic is present.

This is a functional exploit for CVE-2020-17530, leveraging OGNL injection in Apache Struts to achieve remote code execution. The PoC constructs a malicious payload to execute arbitrary commands via a crafted HTTP request.

The repository contains a non-functional Python script with a placeholder print statement and a README describing CVE-2020-17530, an OGNL injection vulnerability in Apache Struts2. No actual exploit code is present.

This is a Python-based exploit for CVE-2020-17530, an OGNL injection vulnerability in Apache Struts2/Tomcat. It constructs a malicious payload to execute arbitrary system commands via OGNL expression injection.

This PoC demonstrates CVE-2020-17530, a vulnerability in Apache Struts2 where improper validation of file uploads can lead to RCE. The provided code sets up a Tomcat server with a vulnerable Struts2 configuration, allowing for exploitation via malicious file uploads.

This repository contains a Python-based exploit for CVE-2020-17530, a remote command execution vulnerability in Apache Struts2 (S2-061). The exploit leverages OGNL injection to execute arbitrary commands on vulnerable systems.

This repository contains a GUI-based exploit for CVE-2020-17530, a remote code execution vulnerability in Apache Struts2 (S2-061). The exploit leverages OGNL injection to execute arbitrary commands on the target system. The GUI allows users to input a target URL and command, then displays the output.

This PoC exploits CVE-2020-17530, a remote code execution vulnerability in Apache Struts2 (S2-061) via Freemarker template injection. It constructs a malicious payload to bypass security restrictions and execute arbitrary commands on the target system.

This Metasploit module exploits CVE-2020-17530 and CVE-2019-0230 in Apache Struts 2 by leveraging forced OGNL evaluation to achieve remote code execution (RCE). It supports both direct command execution and staged payloads for Unix/Linux targets.