Apache ActiveMQ 5.11.1 Directory Traversal / Shell Upload

Posted by deepcore on March 6, 2020 – 9:28 am

This Metasploit module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache ActiveMQ versions 5.x before 5.11.2 for Windows. The module tries to upload a JSP payload to the /admin directory via the traversal path /fileserver/..\admin\ using an HTTP PUT request with the default ActiveMQ credentials admin:admin (or other credentials provided by the user). It then issues an HTTP GET request to /admin/.jsp on the target in order to trigger the payload and obtain a shell.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [local] ASUS GiftBox Desktop 1.1.1.127 – 'ASUSGiftBoxDesktop' Unquoted Service Path PHP-FPM 7.x Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Apache ActiveMQ 5.11.1 Directory Traversal / Shell Upload

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL